Cannot downgrade a package upgraded previously

Question

Note 1: At the end of the post I explain why I think this is not a duplicate of this or this question.

Note 2: If you want to avoid wasting too much time in reading the question, you can just read the problem and, if you want, what I tried. The rest of the post just contains details for completeness.

The problem

In the past I upraded, by mistake, a package for which I realized later that I needed to keep the older version I used to have.

Then I downgraded the package, but apparently the newer version stayed in some cache and the aptitude tool is upgrading it periodically (every 75 minutes more precisely).

How can I prevent this?

Perhaps I should find a way to remove the new version from some cache ?

What I tried

I tried all the most common approaches to hold the package, which are described here and here, with no success.

For example, I tried using dpkg --set-selections apt-mark hold, aptitude hold and the Lock version feature in Synaptic.

In particular, the Synaptic tool even reports the package as locked, but aptitude still upgrades it, and of course I tried to hold the package using the very aptitude tool, but the same happens.

After some investigation, I realized that aptitude installs the newer version by running dpkg to install a .deb file in /var/cache/apt/archives/. Desperately, I even tried the dirty approach to just delete that file, but it is even regenerated (thus I guess it may be downloaded from the web or extracted from some tar/zip file).

Finally, I also tried to completely remove the newer version using apt-get purge and to install the older version afterwards using apt-get install and to hold it afterwards. Nothing, it is still upgraded automatically...

Details

Context

Because of compatibility issues in writing some code, after upgrading a package, let's call it thepackage, I had to change mind and I needed to downgrade it, from a newer version to an older version, say from 1.1 to 1.0.

Therefore I run something like

dpkg -i thepackage_1.0.deb

But every 75 minutes the files from this package are automatically deleted and replaced with files from the newer version 1.1, as if some system script is upgrading the package automatically.

What is happening

Then, in order to investigate about the cause, I replaced the rm tool to delete files with a script I wrote which, before calling the actual rm (which has been renamed as real_rm), prints the chain of commands which ended up calling rm (I did this by getting the PID of each process parent).

Then the log file generated by this script of mine prints something like:

COMMAND: /bin/bash /bin/rm -rf -- /var/lib/dpkg/tmp.ci
CAUSAL CHAIN:
/sbin/init
-> /usr/sbin/cron -f
-> /usr/sbin/CRON -f 
-> /bin/sh -c    /sbin/maint --mode=cron > /dev/null 2>&1 
-> /usr/bin/perl /sbin/maint --mode=cron
-> /usr/bin/perl -I /var/cache/sysmaint/production/vol/linux/ubuntu/16.04/lib/perl /var/cache/sysmaint/production/vol/linux/ubuntu/16.04/maint/017aptitude/maint --nodebug --nosilent --nodryrun --nologperline --colour --nomachineread --trace=none --mode=cron
-> /usr/bin/aptitude -o Dpkg::Options::=--force-confdef -v -y -f install
-> /usr/bin/dpkg --force-confdef --status-fd 57 --unpack --auto-deconfigure /var/cache/apt/archives/thepackage_1.1.deb

From this log, we can see that cron is periodically running aptitude by executing

/usr/bin/aptitude -o Dpkg::Options::=--force-confdef -v -y -f install

and this command executes the following subcommand

/usr/bin/dpkg --force-confdef --status-fd 57 --unpack --auto-deconfigure /var/cache/apt/archives/thepackage_1.1.deb

Therefore it seems that aptitude is being periodically executed to automatically upgrade some packages via dpkg stored in a cache folder, and one of those packages is thepackage_1.1.deb.

Note: why I think this is not a duplicate anymore.
I tried all solutions to hold the package described here and here, but they just don't work. I suspect this is a different problem because the package is already in the cache and this may be the reason why the attempts to hold the older version do not work. Perhaps I should find a way to remove it from the cache?

Do you want this cronjob gone or do you just want the package held at a given version? — muru, Jun 13 '18 at 12:22
I would just want that specific package held at a given version, that is to keep the version 1.0 that I installed manually (when downgrading) instead of automatically upgrading it to 1.1. — GeekInDisguise, Jun 13 '18 at 12:23
@Terrance @muru I have an update for you: the apt-mark hold solution did not solve the problem, the package is still upgraded, perhaps because as I say in the question the install aptitude command is executed instead of upgrade? Or perhaps because a copy of the .deb file is already in the cache? What do you think? Should I try to edit the question? As I said, the solutions suggested in the questions you linked here do not work, then perhaps this is not a duplicate ? — GeekInDisguise, Jun 13 '18 at 13:04
You can hold a package in aptitude by highlighting it and pressing =. — Organic Marble, Jun 13 '18 at 13:05
Look at the answer @muru linked. There are 3 different ones to try beyond apt-mark hold. — Terrance, Jun 13 '18 at 13:06
@Terrance Many thanks again, for some reason it seems that running apt-mark hold a second time solved the issue, I don't know why it didn't work the first time. Thanks for the support, you are great as always. — GeekInDisguise, Jun 13 '18 at 16:03
@Terrance Update: at the end that attempt was also wrong, it restarted being upgraded automatically, and this time I tried all the methods suggested in the linked answers and none of them worked. Plus, Synaptic shows the package as locked even if it keeps getting upgraded. — GeekInDisguise, Jun 28 '18 at 18:04
@Terrance At this point, I think the only explanation depends on the fact that I upgraded the package in the past and I changed mind afterwards, but the package is still in some cache and gets reinstalled automatically. This crashes all the software which depends on that package version. If you don't have other suggestion, I think the only option is to rephrase the question talking about cached package and about how to prevent them from being re-installed. PS of course I tried to delete the .deb file from the cache, but it is even re-generated automatically... so frustrating... — GeekInDisguise, Jun 28 '18 at 18:05
I have voted to reopen this question. I can see this being frustrating. This can be one issue with applications that don't get installed from apt to the point that apt, aptitude, etc might not be able to control whether the application is upgraded or not. Have you checked with the author of the app? — Terrance, Jun 28 '18 at 20:37
Many thanks for your support @Terrance , I am in contact with the author but the problem is that based on the logs it is aptitude... perhaps you may be right and some program is just telling aptitude to do this, but should aptitude 'refuse' to do the upgrade since the package is marked with 'hold'? — GeekInDisguise, Jun 28 '18 at 21:20
For now the only, very poor, "workaround" I have found is to make a little script which uses inotifywait in an endless loop to automatically downgrade in case it detects deletion of the older version... but I would really like to avoid this kind of approach... @muru many thanks for you suggestions, do you have other recommendations? What do you think about my edit of the question? Now it seems the problem may be different and perhaps not a duplicate anymore... — GeekInDisguise, Jun 28 '18 at 21:29
Unfortunately, I don't have the answer for that one since I don't use aptitude and I don't have the same application. I don't like to write answers based on guesses. I prefer to write them based on my own experience. Right now, I am also not in a position to duplicate your issue. So sorry about that! — Terrance, Jun 28 '18 at 21:34
No worries @Terrance , of course I understand that... the only thing I can hope is that the question is reopened as it doesn't seem a duplicate anymore, and of course I also have to un-accept the previously accepted answer, as apparently it doesn't seem to work... — GeekInDisguise, Jun 28 '18 at 21:38

score 1 · Answer 1 · answered Jun 13 '18 at 12:39

Use apt-mark hold package_name to set this package on hold.

$ apt-mark --help
apt 1.6.1 (amd64)
Usage: apt-mark [options] {auto|manual} pkg1 [pkg2 ...]

apt-mark is a simple command line interface for marking packages
as manually or automatically installed. It can also be used to
manipulate the dpkg(1) selection states of packages, and to list
all packages with or without a certain marking.

Most used commands:
  auto - Mark the given packages as automatically installed
  manual - Mark the given packages as manually installed
  hold - Mark a package as held back
  unhold - Unset a package set as held back
  showauto - Print the list of automatically installed packages
  showmanual - Print the list of manually installed packages
  showhold - Print the list of package on hold

Sorry for un-accepting the answer but it seems it was not working at the end, as perhaps the problem is related to the presence of the newer version in some cache, since in the past I made the upgrade and changed mind afterwards... I tried to make this clearer by editing the question and emphasizing this. Btw I upvoted your answer since it may help for very similar problems. — GeekInDisguise, Jun 28 '18 at 21:40