Prevent Application Updates With ‘YUM-VERSIONLOCK’

I recently wrote a similar article, illustrating how you can use ‘apt-mark’ to prevent application updates. While that was handy, it only applied to those who use APT as their package manager. It offered nothing of value to those who use YUM.

This article will explain how you can prevent application updates with ‘yum-versionlock’. You will learn how you can temporarily prevent application updates when you have no choice but to.

In the previous article, I explained that you should always use the most up-to-date software that you can, at least if your system is connected to the public internet. Software updates provide security fixes, not just bug fixes.

Not updating means you’re vulnerable and your vulnerabilities may impact other users. For example, your computer may become a part of a botnet, a spam relay, or even be used as a command and control device for those things. As a global citizen of the ‘net, you’re obligated to do what you can to minimize harm.

So, it is possible to prevent application updates, but you really should only do so when it’s absolutely necessary. In an ideal world, you’d be able to always use the updated version, but we don’t live in that world. We live in the real world, where we have things like compliance and compatibility issues. 

YUM, what is it? YUM stands for Yellowdog Updater, Modified. It’s a package management utility for RPM based distros. You’ll find YUM in distros like RHEL, Fedora, and even OpenSUSE. It’s fairly widely used, though many of the RPM-based distros are more prominent in the server space than they are in the desktop space.

These days there’s actually DNF (which stands for Dandified YUM – don’t blame me, I don’t name these things) but that’s not important today. Today, we’ll be using ‘YUM-VERSIONLOCK‘ to prevent application updates.

Prevent Updates with ‘yum-versionlock’

Unlike ‘apt-mark’, you’ll need to install something in order to do this. It should also be mentioned that there are other ways to accomplish this, but this is the easiest way to prevent application updates. Using versionlock is the most straightforward way of accomplishing this.

First, you’re gonna need to crack open your terminal. You can do that by using your keyboard. Just press CTRL + ALT + T

Once your terminal is open, you’ll need to install ‘yum-versionlock’. You can try this first:

If that gives you an error, I can’t figure out where the name changed, then you can most likely install it with:

Once you have it installed, you can check the man page to see how you use it. Even if you installed it with the second command, the man page is still found at:

The one-liner quite accurately defines versionlock as:

yum-versionlock – Version lock rpm packages

Anyhow, to use it to hold a package at its current version, you simply use:

NOTE: The command supports wildcards. You can use an asterisk with this command. The command will give you feedback. You can also use ‘add’, but it’s redundant.

If you want to remove the lock, which you should do as soon as realistically possible, then the command is fairly evident. It’s just:

If you, like me, don’t always keep the best notes and don’t have the greatest memory, then you can list the locked packages with this command:

There’s no need for elevated permissions with that command, but it will take a little while for it to complete. It will output any locked packages and you can unlock them individually. Again, you can use wildcards in this command.

However, you can remove all the locks with just one command:

As you might expect, that removes all the locks and your system will resume updating normally. You should not keep software locked to one version for long. Though you may be using a LTS-type distro, only getting minor point release upgrades, you are still getting security updates. Keeping your system secure makes you a good netizen. 

Closure:

And there you have it. Another article in the books, this one explaining how to stop updates for specific applications. Thanks for reading and feel free, nay encouraged, to leave feedback. If you have any ideas for articles, feel free to share them. You can also contribute by writing your own article. I’ll even edit it up for you!

Don’t forget that there’s a newsletter (we never spam or share your address with anyone, it’s all in-house) and you can even donate. I’d kinda like the site to at least pay for itself, simply out of principle. If not, there are ads you can unblock! Even if you do none of those things, there are good odds that I’ll keep this site up, running, and interesting.

Prevent Application Updates With ‘APT-MARK’

While unwise, there are times when you need to prevent application updates. You can do this with ‘apt-mark’ and this article will explain how. Obviously, this method is only effective if you use a Linux distro that has an APT-based package manager.

For the most part, you should always keep your software updated. However, that’s a rule for the Ideal World®. For the rest of us, those of us that live in the Real World®, you’ll almost certainly run into an eventuality that requires you to keep an existing, specific version of software.

While entirely stupid and irresponsible, I kept a version of Thunderbird past its due date because the update simply ruined my existing installation. I only kept that outdated version long enough to make the leap to a more recent distro version. The tool I used to prevent application updates was apt-mark.

You will have your own reasons, from compliance to stability to functionality, for keeping the same version of your installed software. You should only use this sparingly, only as necessary, when there’s simply no other solution. This should also be a temporary measure. You should always try to use the upgraded software because there are (possibly) security implications if you don’t.

A little about APT

While we’ll technically be using ‘apt-mark‘, it should be mentioned that APT stands for Advanced Package Tool. It’s the default package manager that is used in many distros, mostly Debian and those of Debian descent. So, you’ll see it in everything from Ubuntu to Linux Mint. 

In the desktop scene, I suspect it’d be the most common of all package management tools. Even if you use a different distro with a different package manager, you should probably have a basic familiarity.

Using ‘apt-mark’ hold and unhold

The tool we’ll be using is ‘apt-mark’, and the man page helpfully defines it as:

apt-mark – show, set and unset various settings for a package

We’ll only be concentrating on a couple of commands, those necessary when you want to prevent application updates, plus one extra command that will help you keep track of the two commands we’ll be focusing on.

The first of those two commands is ‘hold’. This command is used when you want to ‘hold’ a package at its current version, preventing upgrades. Remember, this should really be used only when there’s no other solution, as many upgrades fix security issues as well as bugs. It’s actually a fairly simple command.

When you enter this command, you’ll get a confirmation message. It will tell you that the application is now being held. It will remain held until you ‘unhold’ it. So, it’s a set-it-and-forget-it type of deal, though you shouldn’t really forget it. You should undo it as soon as you realistically can.

To reverse the restriction, resuming your normal updates, you simply need to ‘unhold’ it. The command is fairly obvious, and it looks like this:

That will free the hold on the package and tell you that the hold has been lifted. The package should then upgrade as necessary and as issued. If new upgrades show up in the repositories, it should function as normal and upgrade like it did prior to the hold.

If you are like me, you may well forget that you’ve held packages back. The package names are often long and nonsensical, so they’re easy to forget. In the heat of the moment, you may have forgotten to make a note of the package(s) you’ve held.

Don’t worry, ‘apt-mark’ has you covered! When you want to know what packages are being held, just run this command:

Note the lack of ‘sudo’ in that command. You don’t need sudo because you don’t need elevated permissions to list held packages. You only need elevated permission if you want to change something. As that command only lists them, you can run it as a normal user.

The apt-mark command has a ton of other uses, this is not an all-inclusive article. You can always see the man page for more help and the rest of the features. This article is only covering the ‘hold’ and ‘unhold’ functions. Maybe there will be another article covering other aspects, but this limited in scope – preventing application updates.

Like always, thanks for reading and I appreciate the feedback! Don’t forget that the site has ads enabled and that you can donate. So, if this article helped you learn how to prevent application updates then show some love! Otherwise, sign up for the newsletter or share this article with your friends on social media. Thanks!

 

Disable Ubuntu Snaps

People have a variety of reasons why they want to disable and remove Snap apps from Ubuntu. It’s relatively easy to disable Snaps and this article shows you how.

Let’s start with the basics. What is a Snap? It’s another form of packaging software and Canonical’s Snapcraft page describes it like this:

Snaps are app packages for desktop, cloud and IoT that are easy to install, secure, cross‐platform and dependency‐free. Snaps are discoverable and installable from the Snap Store, the app store for Linux with an audience of millions.

Canonical is the company that makes Ubuntu and if you’ve been using Linux for any length of time, you’ve probably heard of them and Snaps. The reality is that, if you want to use Ubuntu or official Ubuntu flavors, you might want to make your peace with them. They’re going to be everywhere.

Right now, you can find Snaps being more or less mandatory in current Ubuntu Core versions. If you want to use Livepatch to keep your running system protected then you’ll need to use snaps. The list of places Snaps are in use goes on, but more and more applications are being packaged exclusively as Snaps and that trend looks likely to continue.

To be frank, I can’t blame the developers. Package it once and it runs everywhere – or it can run everywhere. This saves time, presents a single point of contact, and helps to ensure uniformity across the myriad distros out there. It does away with things like ‘Dependency Hell’. It even makes it more secure.

In an ideal world, it’d be great!  Maybe you don’t live in that ideal world? Maybe you don’t want Snaps? I don’t need to know your reason. Let’s just disable them.

Removing/Disabling Snaps

Let’s start by cracking open your terminal. You’re gonna want to start there for this. It’s as easy as using your keyboard to press CTRL + ALT + T. Then, enter the following commands into your terminal, one by one and pressing ENTER after each one:

The first command will completely purge ‘snapd’ – the service that controls and installs Snaps. The next three commands remove any remnants of Snaps that you have on your system. The final command will reboot your system, so that everything is cleared out of memory and so that you start fresh and without Snaps.

And, there you go. You can disable Ubuntu snaps! You’re Snap free! Everything is now just as you wanted it. You no longer have any Snaps on your system, nor do you have to worry about installing them by mistake. 

At the same time, it may well be time for dedicated Ubuntu users to adjust and learn to use Snaps. They do have their benefits. They do things like auto-update, automatically revert to the previous version if it’s broken, and keep applications isolated from the rest of the system. For the most part, they just work, without you needing to worry about anything.

So, before you decide to completely remove Snaps from your system, you might just want to take a minute to make peace with them and learn to use them. Yeah, they take up more space, their permissions are wonky, and they’re still a work in progress. You’re probably going to end up using them eventually. The sooner you get used to managing them, the easier it’s probably going to be.

Anyhow, thanks for reading. I appreciate the readers and welcome you to contribute. There’s a whole host of ways you can do so, from joining to donating. You can even write articles without registering, share this article at your favorite sites, and you can sign up for the newsletter so that you know you’re getting these articles (and no spam) in your inbox.

Linux Tips
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.