1

On my web servers I run ubuntu 16.04 with php7.2. I would like to be able to run periodically cron task to install system security fixes and updates (something like apt-get upgrade) but I don't want this process to replace php7.2 with newer php versions (eg: php7.4). I would like to patch php7.2 with new minor versions though (something like apt-get install --only-upgrade php7.2).

How can I do so ?

Thanx in advance

Arnaud
  • 11
  • 3
  • Where did you get php 7.2 from? Ubuntu 16.04 comes with php 7.0 so the newer version of php must have been installed from a PPA. – Bert Feb 04 '20 at 17:15
  • @Bert you mean if I actually used a ppa like "ondrej/php", `apt-get upgrade` won't update php7.2 ? – Arnaud Feb 05 '20 at 09:17

1 Answers1

2

You can prevent a package from being upgraded using apt-mark. Simply run:

sudo apt-mark hold php7.2

This can be reversed by unholding the package:

sudo apt-mark unhold php7.2

You can also view your held packages by running:

apt-mark showhold

Once a package is held, it will not be upgraded when running apt dist-upgrade and other upgrade commands.

This solution will not upgrade the package at all, not even minor versions. I believe you will have to manually unhold the package, then run sudo apt install php7.2 in order to get minor upgrade releases.

slightly_toasted
  • 732
  • 3
  • 13
  • 1
    Thanks a lot ! This worked for me, I used `sudo apt-mark hold php7.4*` for preventing me system to upgrade to php7.4 (extensions included) :) – Arnaud Feb 06 '20 at 16:36