An incorporation package specifies which versions of packages can be installed. These version constraints help keep the system in a supportable state across updates. See Incorporation Packages for more information about incorporation packages and constraints.
Some incorporated packages might be safe to downgrade or upgrade at a version different from the version specified by the incorporation. The version constraint is expressed by a version-lock.package facet specified in the incorporation package. The default value of the version-lock.package facet is true. To relax the version constraint on a package, set the value of its version-lock. facet to false.
In the following example, you want to downgrade to an earlier version of a package. The pkg update command downgrades as well as upgrades packages.
$ pkg list -af library/security/openssl NAME (PUBLISHER) VERSION IFO library/security/openssl 1.0.1.5-0.175.2.0.0.24.0 i-- library/security/openssl 1.0.1.5-0.175.2.0.0.23.0 --- $ pkg update library/security/[email protected] Creating Plan (Solver setup): | pkg update: No matching version of library/security/openssl can be installed: Reject: pkg://solaris/library/security/[email protected],5.11-0.175.2.0.0.23.0:20130916T191702Z Reason: This version is excluded by installed incorporation pkg://solaris/consolidation/userland/[email protected],5.11-0.175.2.0.0.24.0:20131001T160408Z
The pkg contents command shows how this version constraint is set. To relax the version constraint on this package, set its version-lock facet to false. Then try the downgrade again. Notice that a new BE is not created, but a backup BE is created. See Boot Environment Policy Image Properties for information about when BEs are created.
$ pkg contents -m userland-incorporation | grep 'library/security/openssl' depend facet.version-lock.library/security/openssl=true fmri=pkg:/library/security/[email protected] type=incorporate $ pkg change-facet facet.version-lock.library/security/openssl=false Packages to update: 850 Variants/Facets to change: 1 Create boot environment: No Create backup boot environment: Yes PHASE ITEMS Removing old actions 1/1 Updating image state Done Creating fast lookup database Done Reading search index Done Building new search index 850/850 $ pkg update library/security/[email protected] Packages to update: 1 Create boot environment: No Create backup boot environment: Yes DOWNLOAD PKGS FILES XFER (MB) SPEED Completed 1/1 10/10 1.6/1.6 0B/s PHASE ITEMS Removing old actions 3/3 Installing new actions 3/3 Updating modified actions 14/14 Updating package state database Done Updating package cache 1/1 Updating image state Done Creating fast lookup database Done Reading search index Done Updating search index 1/1 $ pkg list library/security/openssl NAME (PUBLISHER) VERSION IFO library/security/openssl 1.0.1.5-0.175.2.0.0.23.0 i--
To prevent this package from being downgraded or upgraded, freeze the package at the current version. The “f” in the package listing indicates that the package is frozen.
$ pkg freeze -c "Downgrade to avoid bug" library/security/openssl library/security/openssl was frozen at 1.0.1.5,5.11-0.175.2.0.0.23.0:20130916T191702Z $ pkg list library/security/openssl NAME (PUBLISHER) VERSION IFO library/security/openssl 1.0.1.5-0.175.2.0.0.23.0 if-
To re-enable downgrade or upgrade, use the pkg unfreeze command to remove the version freeze. If the package is installed at a version lower than the version specified in the incorporation package, setting the version-lock facet for this package to true installs the version specified in the incorporation package.
If other installed packages have require dependency relationships with the package that you want to downgrade or upgrade, you might need to also relax version constraints on those related packages. In the following example, version constraints have been lifted on the hexedit package but installation is rejected because of version constraints on the system/library package.
$ pkg install editor/[email protected] Creating Plan (Solver setup): - pkg install: No matching version of editor/hexedit can be installed: Reject: pkg://solaris/editor/[email protected]:20131014T170634Z Reason: All versions matching 'require' dependency pkg:/system/[email protected],5.11-0.175.2.0.0.24.0 are rejected Reject: pkg://solaris/system/[email protected],5.11-0.175.2.0.0.24.0:20131001T152820Z pkg://solaris/system/[email protected],5.11-0.175.2.0.0.25.0:20131014T161136Z Reason: This version is excluded by installed incorporation pkg://solaris/consolidation/osnet/[email protected],5.11-0.175.2.0.0.24.0:20131001T150429Z
In addition to individual component packages, you can also relax version constraints on incorporations. In this case, setting the version-lock facet to false enables you to unlock the incorporation from the rest of the system. Though the incorporation package is unlocked, the packages it incorporates continue to be synchronized.