There were some vulnerabilities in Ruby which are supposedly fixed in ruby 1.8.7. Because of that and because it’s always nice to have the latest, I installed ruby from Ubuntu Intrepid on Hardy Herron.
And while I was doing that I also decided to install guessnet from Intrepid. So I don’t have to compile guessnet anymore.
It involves two steps:
- Updating you apt sources
- Making sure only ruby and guessnet are going to be installed from the new sources. Not all the packages!
1. Updating your sources
Create /etc/apt/sources.list.d/intrepid.list and copy the following code into it:
deb http://nl.archive.ubuntu.com/ubuntu/ intrepid main restricted multiverse deb-src http://nl.archive.ubuntu.com/ubuntu/ intrepid main restricted ## Major bug fix updates produced after the final release of the ## distribution. deb http://nl.archive.ubuntu.com/ubuntu/ intrepid-updates main restricted multiverse deb-src http://nl.archive.ubuntu.com/ubuntu/ intrepid-updates main restricted ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## universe WILL NOT receive any review or updates from the Ubuntu security ## team. deb http://nl.archive.ubuntu.com/ubuntu/ intrepid universe deb-src http://nl.archive.ubuntu.com/ubuntu/ intrepid universe deb http://nl.archive.ubuntu.com/ubuntu/ intrepid-updates universe deb-src http://nl.archive.ubuntu.com/ubuntu/ intrepid-updates universe ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu ## team, and may not be under a free licence. Please satisfy yourself as to ## your rights to use the software. Also, please note that software in ## multiverse WILL NOT receive any review or updates from the Ubuntu ## security team. ## Uncomment the following two lines to add software from the 'backports' ## repository. ## N.B. software from this repository may not have been tested as ## extensively as that contained in the main release, although it includes ## newer versions of some applications which may provide useful features. ## Also, please note that software in backports WILL NOT receive any review ## or updates from the Ubuntu security team. deb http://nl.archive.ubuntu.com/ubuntu/ intrepid-backports main restricted universe multiverse # deb-src http://nl.archive.ubuntu.com/ubuntu/ intrepid-backports main restricted universe multiverse ## Uncomment the following two lines to add software from Canonical's ## 'partner' repository. This software is not part of Ubuntu, but is ## offered by Canonical and the respective vendors as a service to Ubuntu ## users. deb http://archive.canonical.com/ubuntu intrepid partner # deb-src http://archive.canonical.com/ubuntu intrepid partner deb http://security.ubuntu.com/ubuntu intrepid-security main restricted multiverse deb-src http://security.ubuntu.com/ubuntu intrepid-security main restricted deb http://security.ubuntu.com/ubuntu intrepid-security universe deb-src http://security.ubuntu.com/ubuntu intrepid-security universe
2. Apt preferences
If /etc/apt/preferences does not exist, touch it!
Then copy this code into it:
Package: * Pin: release v=8.10 Pin-Priority: -1 Package: ruby Pin: release v=8.10 Pin-Priority: 500 Package: ruby1.8 Pin: release v=8.10 Pin-Priority: 500 Package: libruby Pin: release v=8.10 Pin-Priority: 500 Package: libruby1.8 Pin: release v=8.10 Pin-Priority: 500 Package: rdoc Pin: release v=8.10 Pin-Priority: 500 Package: rdoc1.8 Pin: release v=8.10 Pin-Priority: 500 Package: ri Pin: release v=8.10 Pin-Priority: 500 Package: ri1.8 Pin: release v=8.10 Pin-Priority: 500 Package: irb Pin: release v=8.10 Pin-Priority: 500 Package: irb1.8 Pin: release v=8.10 Pin-Priority: 500 Package: libopenssl-ruby Pin: release v=8.10 Pin-Priority: 500 Package: libreadline-ruby Pin: release v=8.10 Pin-Priority: 500 Package: libreadline-ruby1.8 Pin: release v=8.10 Pin-Priority: 500 Package: ruby-dev Pin: release v=8.10 Pin-Priority: 500 Package: ruby1.8-dev Pin: release v=8.10 Pin-Priority: 500 Package: guessnet Pin: release v=8.10 Pin-Priority: 501
That’s all! “Aptitude update” & “aptitude install ruby guessnet” and you are good to go.
I tried using the “Package” keyword with wildcards, but that’s a no-go
16 comments ↓
tried it, but it doesn’t work.
aptitude update doesn’t seem to be picking up intrepid repos, and
aptitude install ruby gives these errors:
sudo aptitude install ruby
Reading package lists… Done
E: Invalid record in the preferences file, no Package header
E: Invalid record in the preferences file, no Package header
any ideas?
Sorry, made a mistake…
The file has to be: /etc/apt/sources.list.d/intrepid.list instead of:
/etc/apt/sources.list.d/intrepid
So rename intrepid to intrepid.list and all will be fine. I’ve updated the blogpost too.
I think the error was caused by the content of the /etc/apt/preferences file, I had to remove the following lines :
5. /*All ruby*/
66. /*End ruby*/
I don’t now why synaptic did not ignore the comments.
Most importantly is there a typo at line 21 ?!
21. rdoc1.8 ri1.8
Thanks Kares! Updated the post: removed the typos and removed the comment.
When using the preference file, apt told me 1.8.6 was already the newest version for some reason. I was able to install 1.8.7 by removing preference and explicitly running:
sudo apt-get install ruby ruby1.8 libruby libruby1.8 rdoc rdoc1.8 ri ri1.8 irb irb1.8 libopenssl-ruby libreadline-ruby libreadline-ruby1.8 ruby-dev ruby1.8-dev
Then I moved the intrepid source so apt doesn’t want to upgrade 500 packages all the time.
cool! 3x!
Do I need to uninstall ruby 1.8.6
No, ruby 1.8.6 will be automatically uninstalled. Both belong to the ruby1.8 package. So there can only be one.
This is very helpful but I’m sure it would save people tons of time if you took out the line numbering from your code boxes. Copying and pasting takes forever this way
Ya, not to bite the hand that feeds, I really appreciate this, but those line numbers are KILLING me.
Thanks, it worked exactly what you have specified. If possible remove the line numbers.
This guide is great, thanks!
I had to use sudo apt-get update and sudo apt-get install ruby guessnet instead of the aptitude commands. Not sure why as I usually use aptitude.
Nice one. Ciao!
Looks like it only installs p72. Vulnerabilities are fixed in p174. Sorry for the downer. Instructions to install from source?
Hi, Thank you for your nice tips.
I have one problem.
sudo aptitude safe-upgrade
then, it goes and does 306 all packages upgrade to intrepid…
Can I no-upgrade it to intrepid without only ruby?
thanks for the great writeup leon! and thank you, tobyo, for the tip!
for the line numbers just use vim and do a
:%s/\d\d\.//g and :%s/\d\.//g
:%s/\d{1,2}\.//g wasn’t working, apparently vim doesn’t recognize this construct. anyway the one mentioned above will work.
Leave a Comment