Understanding the Ubuntu package repositories

During a thread about daylight savings confusion here in Sydney, Martin Barry asked the SLUG list why updates to Ubuntu packages go into a separate “updates” repository. John Ferlito suggested that I blog my answer…

I’ve never understood the ${ubuntu_release}-updates thing.

A separate repositry for security I understand due to the need to bypass mirror lag.

But anything worthy of going into ${ubuntu_release}-updates is surely worth putting straight into ${ubuntu_release} ? Or is it just me?

Post-release, that archive is never touched. It means that users get to choose how much damage they’re willing to accept:

  • $release: Don’t touch it, I like consistency, even with my bugs.
  • $release-security: I’ll accept patches to existing versions (and very rare version upgrades if absolutely necessary) in the process of keeping my system secure.
  • $release-updates: Okay, some bugs are worth fixing, and I trust you this much (holds up two fingers like Maxwell Smart).
  • $release-backports: I have something akin to technology ADHD, needing the latest of everything I can possibly get, but I’m a sooky little wuss-fart because I can’t handle running the development branch.
  • $devel: I can take it. Seriously. If you break my X, I shall become more powerful than you could possibly imagine. I’ll file and maybe even fix the bugs and I’ll do it even if power management is not so much ‘managed’ as vomited all over the wall. Come get some.
  • Debian: We do the work so you don’t have to.

Amazingly, a number of followups suggest that this summary should form some kind of official description on the Ubuntu Wiki or similar. I’m sure someone in Ubuntu land will be keen to… revise some of my verbiage… should they choose to use it. 🙂

This entry was posted in General and tagged , , , . Bookmark the permalink.

10 Responses to Understanding the Ubuntu package repositories

  1. K. Ralho says:

    One thing that I don’t understand is those Translation-en_US shits that I get on my synaptic/apt-get/aptitude. What is that all about?

  2. Joseph says:

    “Don’t look, Ethel!” But it was tooo late.

  3. Andy Goh says:

    I’d love to see an official description on the Ubuntu Wiki, but good work explaining it, I’ve always been wondering about the way Ubuntu repo was organised. Cheers

  4. Kevin Mark says:

    What process does Ubuntu use to transition packages from devel to release? Debian uses katie (now part of DAK). Could you point me to this info.

  5. Wolfger says:

    Nothing wrong with your verbiage that I can see…

  6. jim says:

    Cool, thanks for the clarification. I never really understood any of that. I always just enabled everything (the tech ADHA in me I suppose).

  7. Petski says:

    Could you be so kind to clear up the terminology a bit more? I came this far:

    – There is a “repository” (just an URI).
    – The repository is divided into several “components” (main, restricted, universe, multiverse).
    – The “components” are divided into several “pockets” ($release-security, $release-updates, etc).

    Your helpful post lacks an explanation for the $release-proposed pocket. Could you be so kind to add it?

  8. Taemojitsu says:

    now I understand it! *click* in my brain. Mystifying until I found your explanation on the wiki, and I’ve been a Ubuntu newb for almost three years now…

  9. Thomas M Steenholdt says:

    I understand most of the repository stuff, described here – But I’m missing an important – to me at least 😉 – detail, that I hope you can help me clear up as well.

    If I decide, that my level of “accepted damage” should be “updates”, do I need to keep the “security” repository enabled too? What are the semantics regarding this?

    I can’t seem to find this info anywhere.

    Thanks in advance 🙂


  10. Glen says:

    This is great and more helpful than the Ubuntu documentation almost 4 years later. Thanks!

Leave a Reply

Your email address will not be published. Required fields are marked *

Comments will be sent to the moderation queue.