{
  "id": "package-management",
  "title": "Package Management & Version Pinning",
  "category": "packages",
  "tags": ["apt", "pacman", "packages", "pinning", "rollback", "IgnorePkg"],
  "updated": "2026-01-08",
  "summary": "Installing, rolling back, and pinning packages on Debian and Arch Linux.",
  "sections": [
    {
      "heading": "Debian / Ubuntu (apt)",
      "body": "<p>Most commands need root.</p>",
      "code": "apt update                        # refresh package list\napt install nginx                  # install\napt remove nginx                   # remove (keep config)\napt purge nginx                    # remove + delete config\napt list --installed               # list installed packages\napt show nginx                     # info about a package\ndpkg -l | grep nginx               # alternative listing"
    },
    {
      "heading": "Listing Available Versions (Debian)",
      "body": "",
      "code": "apt-cache policy nginx\n# Shows installed version, candidate version, and all available versions by priority"
    },
    {
      "heading": "Installing a Specific Version (Debian)",
      "body": "",
      "code": "apt install nginx=1.22.1-9\n# Use apt-cache policy to find the exact version string first"
    },
    {
      "heading": "Pinning a Package (Debian)",
      "body": "<p>Pinning prevents apt from upgrading a specific package. Create or edit <code>/etc/apt/preferences.d/</code>:</p>",
      "code": "# /etc/apt/preferences.d/nginx-pin\nPackage: nginx\nPin: version 1.22.1-9\nPin-Priority: 1001\n\n# Priority > 1000 = keep this version even if newer is available\n# After creating the file:\napt-mark hold nginx     # belt-and-suspenders hold\napt-cache policy nginx  # verify the pin took effect"
    },
    {
      "heading": "Arch Linux (pacman)",
      "body": "",
      "code": "pacman -Syu                        # update all\npacman -S nginx                    # install\npacman -R nginx                    # remove\npacman -Rs nginx                   # remove + unneeded deps\npacman -Q | grep nginx             # list installed\npacman -Qi nginx                   # info about installed package"
    },
    {
      "heading": "Rolling Back a Package (Arch)",
      "body": "<p>Arch keeps a package cache in <code>/var/cache/pacman/pkg/</code>. If the current package broke something:</p>",
      "code": "ls /var/cache/pacman/pkg/nginx*\n# Find the version you want, then:\npacman -U /var/cache/pacman/pkg/nginx-1.24.0-1-x86_64.pkg.tar.zst"
    },
    {
      "heading": "Preventing Upgrades (Arch — IgnorePkg)",
      "body": "<p>After rolling back, prevent the package from upgrading on the next <code>pacman -Syu</code>:</p>",
      "code": "# /etc/pacman.conf\n[options]\n...\nIgnorePkg = nginx\n\n# Verify:\npacman -Syu\n# Should print: warning: nginx: ignoring package upgrade (1.24.0-1 => 1.25.x-y)"
    },
    {
      "heading": "When to Pin vs When to Fix",
      "body": "<p>Pinning is a stop-gap, not a solution. Document why you pinned it and set a reminder to revisit. A pinned package stops receiving security updates. If the upstream bug is fixed in a newer minor version, upgrade to that instead of staying pinned indefinitely.</p>"
    }
  ]
}