Prevent Application Updates With ‘APT-MARK’

While unwise, there are times when you need to prevent application updates. You can do this with ‘apt-mark’ and this article will explain how. Obviously, this method is only effective if you use a Linux distro that has an APT-based package manager.

For the most part, you should always keep your software updated. However, that’s a rule for the Ideal World®. For the rest of us, those of us that live in the Real World®, you’ll almost certainly run into an eventuality that requires you to keep an existing, specific version of software.

While entirely stupid and irresponsible, I kept a version of Thunderbird past its due date because the update simply ruined my existing installation. I only kept that outdated version long enough to make the leap to a more recent distro version. The tool I used to prevent application updates was apt-mark.

You will have your own reasons, from compliance to stability to functionality, for keeping the same version of your installed software. You should only use this sparingly, only as necessary, when there’s simply no other solution. This should also be a temporary measure. You should always try to use the upgraded software because there are (possibly) security implications if you don’t.

A little about APT

While we’ll technically be using ‘apt-mark‘, it should be mentioned that APT stands for Advanced Package Tool. It’s the default package manager that is used in many distros, mostly Debian and those of Debian descent. So, you’ll see it in everything from Ubuntu to Linux Mint. 

In the desktop scene, I suspect it’d be the most common of all package management tools. Even if you use a different distro with a different package manager, you should probably have a basic familiarity.

Using ‘apt-mark’ hold and unhold

The tool we’ll be using is ‘apt-mark’, and the man page helpfully defines it as:

apt-mark – show, set and unset various settings for a package

We’ll only be concentrating on a couple of commands, those necessary when you want to prevent application updates, plus one extra command that will help you keep track of the two commands we’ll be focusing on.

The first of those two commands is ‘hold’. This command is used when you want to ‘hold’ a package at its current version, preventing upgrades. Remember, this should really be used only when there’s no other solution, as many upgrades fix security issues as well as bugs. It’s actually a fairly simple command.

When you enter this command, you’ll get a confirmation message. It will tell you that the application is now being held. It will remain held until you ‘unhold’ it. So, it’s a set-it-and-forget-it type of deal, though you shouldn’t really forget it. You should undo it as soon as you realistically can.

To reverse the restriction, resuming your normal updates, you simply need to ‘unhold’ it. The command is fairly obvious, and it looks like this:

That will free the hold on the package and tell you that the hold has been lifted. The package should then upgrade as necessary and as issued. If new upgrades show up in the repositories, it should function as normal and upgrade like it did prior to the hold.

If you are like me, you may well forget that you’ve held packages back. The package names are often long and nonsensical, so they’re easy to forget. In the heat of the moment, you may have forgotten to make a note of the package(s) you’ve held.

Don’t worry, ‘apt-mark’ has you covered! When you want to know what packages are being held, just run this command:

Note the lack of ‘sudo’ in that command. You don’t need sudo because you don’t need elevated permissions to list held packages. You only need elevated permission if you want to change something. As that command only lists them, you can run it as a normal user.

The apt-mark command has a ton of other uses, this is not an all-inclusive article. You can always see the man page for more help and the rest of the features. This article is only covering the ‘hold’ and ‘unhold’ functions. Maybe there will be another article covering other aspects, but this limited in scope – preventing application updates.

Like always, thanks for reading and I appreciate the feedback! Don’t forget that the site has ads enabled and that you can donate. So, if this article helped you learn how to prevent application updates then show some love! Otherwise, sign up for the newsletter or share this article with your friends on social media. Thanks!

 

Subscribe to Newsletter!
Get notified when new articles are published!
We promise to never share your email!
icon

Author: KGIII

Retired mathematician, residing in the mountains of Maine. I may be old and wise, but I am not infallible. Please point out any errors. And, as always, thanks again for reading.

2 thoughts on “Prevent Application Updates With ‘APT-MARK’”

  1. on a well known site i’ve shown how that can also be done with Arch/Arch based. Now one question that came to my mind is this: if on Debian you mark a package , so that it is not updated what about the deps for the package; are they also held back so everything is synchronized or deps still update leading to possible failure of package ?

    1. That’s a great question!

      Dependencies will be updated unless marked as ‘hold’. You can also hold the dependencies if you wish.

      Also, I did NOT automatically import your email address to the new site’s newsletter. Would you like me to do so?

Leave a Reply

Your email address will not be published. Required fields are marked *

Linux Tips
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.