From b73eaa4f215d5b0929e86d6c8fbcdc9e134b6c33 Mon Sep 17 00:00:00 2001 From: Romulo Quidute Filho Date: Fri, 27 Feb 2026 12:46:57 +0000 Subject: [PATCH 1/6] Fix held packages error when installing GStreamer dev dependencies --- .../1.2-install-additional-dependencies.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/scripts/ubuntu/1.2-install-additional-dependencies.sh b/scripts/ubuntu/1.2-install-additional-dependencies.sh index 76de38e1..4a393175 100755 --- a/scripts/ubuntu/1.2-install-additional-dependencies.sh +++ b/scripts/ubuntu/1.2-install-additional-dependencies.sh @@ -26,6 +26,22 @@ print_start_of_script print_script_step "Install additional dependencies" +# First, ensure all dev packages are up to date to match installed library versions. +# apt-get upgrade in the previous step may update runtime libraries (libmount1, libzstd1, +# libpcre2-8-0, libselinux1, zlib1g) to security-patch point releases (e.g. -9ubuntu6.4) +# while their -dev counterparts remain at the pre-upgrade version. This causes +# "held broken packages" errors when apt-get satisfy tries to install libgstreamer1.0-dev +# and its transitive -dev dependencies (which carry strict = version constraints). +# Upgrading all affected -dev packages first realigns them with the runtime libraries. +print_script_step "Updating development packages to match installed library versions" +sudo DEBIAN_FRONTEND=noninteractive apt-get update +sudo DEBIAN_FRONTEND=noninteractive apt-get install --only-upgrade -y \ + libmount-dev libblkid-dev \ + libzstd-dev \ + libpcre2-dev \ + libselinux1-dev \ + zlib1g-dev || true + readarray -t packagelist < "$UBUNTU_SCRIPT_DIR/additional-dependency-list.txt" for package in "${packagelist[@]}"; do From a048c8937f5a5f213e03b7e2e1da304665b0a7ec Mon Sep 17 00:00:00 2001 From: Romulo Quidute Filho Date: Fri, 27 Feb 2026 17:02:35 +0000 Subject: [PATCH 2/6] Ensure noble-updates exists in /etc/apt/sources.list.d/ubuntu-sources file --- .../1.2-install-additional-dependencies.sh | 30 ++++++++++--------- 1 file changed, 16 insertions(+), 14 deletions(-) diff --git a/scripts/ubuntu/1.2-install-additional-dependencies.sh b/scripts/ubuntu/1.2-install-additional-dependencies.sh index 4a393175..5f5da329 100755 --- a/scripts/ubuntu/1.2-install-additional-dependencies.sh +++ b/scripts/ubuntu/1.2-install-additional-dependencies.sh @@ -26,21 +26,23 @@ print_start_of_script print_script_step "Install additional dependencies" -# First, ensure all dev packages are up to date to match installed library versions. -# apt-get upgrade in the previous step may update runtime libraries (libmount1, libzstd1, -# libpcre2-8-0, libselinux1, zlib1g) to security-patch point releases (e.g. -9ubuntu6.4) -# while their -dev counterparts remain at the pre-upgrade version. This causes -# "held broken packages" errors when apt-get satisfy tries to install libgstreamer1.0-dev -# and its transitive -dev dependencies (which carry strict = version constraints). -# Upgrading all affected -dev packages first realigns them with the runtime libraries. -print_script_step "Updating development packages to match installed library versions" +# Ensure noble-updates is present in apt sources. +# On minimal Ubuntu 24.04 images (e.g. Raspberry Pi), the sources file may only contain +# noble and noble-security. Security point releases update runtime libraries +# (libmount1, zlib1g, libpcre2-8-0, etc.) to patch versions (e.g. -9ubuntu6.4), but the +# matching -dev packages that accept those versions only exist in noble-updates. +# Without this repo, apt-get satisfy fails with "held broken packages" when resolving +# transitive -dev dependencies for libgstreamer1.0-dev. +print_script_step "Ensuring noble-updates apt repository is configured" +SOURCES_FILE="/etc/apt/sources.list.d/ubuntu-sources.list" +if [ ! -f "$SOURCES_FILE" ]; then + SOURCES_FILE="/etc/apt/sources.list" +fi +if ! grep -q "noble-updates" "$SOURCES_FILE" /etc/apt/sources.list.d/*.list 2>/dev/null; then + echo "deb http://ports.ubuntu.com/ubuntu-ports/ noble-updates main restricted universe multiverse" \ + | sudo tee -a "$SOURCES_FILE" +fi sudo DEBIAN_FRONTEND=noninteractive apt-get update -sudo DEBIAN_FRONTEND=noninteractive apt-get install --only-upgrade -y \ - libmount-dev libblkid-dev \ - libzstd-dev \ - libpcre2-dev \ - libselinux1-dev \ - zlib1g-dev || true readarray -t packagelist < "$UBUNTU_SCRIPT_DIR/additional-dependency-list.txt" From 43d62942ee56b0a1b6cb3a7199c5aa5e0023602d Mon Sep 17 00:00:00 2001 From: Romulo Quidute Filho Date: Fri, 27 Feb 2026 19:13:34 +0000 Subject: [PATCH 3/6] Fix hardcoded noble codename by using lsb_release to detect Ubuntu version at runtime --- .../1.2-install-additional-dependencies.sh | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/scripts/ubuntu/1.2-install-additional-dependencies.sh b/scripts/ubuntu/1.2-install-additional-dependencies.sh index 5f5da329..0f083f3f 100755 --- a/scripts/ubuntu/1.2-install-additional-dependencies.sh +++ b/scripts/ubuntu/1.2-install-additional-dependencies.sh @@ -26,20 +26,21 @@ print_start_of_script print_script_step "Install additional dependencies" -# Ensure noble-updates is present in apt sources. -# On minimal Ubuntu 24.04 images (e.g. Raspberry Pi), the sources file may only contain -# noble and noble-security. Security point releases update runtime libraries +# Ensure -updates is present in apt sources. +# On minimal Ubuntu images (e.g. Raspberry Pi), the sources file may only contain +# and -security. Security point releases update runtime libraries # (libmount1, zlib1g, libpcre2-8-0, etc.) to patch versions (e.g. -9ubuntu6.4), but the -# matching -dev packages that accept those versions only exist in noble-updates. +# matching -dev packages that accept those versions only exist in -updates. # Without this repo, apt-get satisfy fails with "held broken packages" when resolving # transitive -dev dependencies for libgstreamer1.0-dev. -print_script_step "Ensuring noble-updates apt repository is configured" -SOURCES_FILE="/etc/apt/sources.list.d/ubuntu-sources.list" +print_script_step "Ensuring -updates apt repository is configured" +UBUNTU_CODENAME=$(lsb_release -cs) +SOURCES_FILE="/etc/apt/sources.list.d/ubuntu-sources" if [ ! -f "$SOURCES_FILE" ]; then SOURCES_FILE="/etc/apt/sources.list" fi -if ! grep -q "noble-updates" "$SOURCES_FILE" /etc/apt/sources.list.d/*.list 2>/dev/null; then - echo "deb http://ports.ubuntu.com/ubuntu-ports/ noble-updates main restricted universe multiverse" \ +if ! grep -q "${UBUNTU_CODENAME}-updates" "$SOURCES_FILE" /etc/apt/sources.list.d/*.list 2>/dev/null; then + echo "deb http://ports.ubuntu.com/ubuntu-ports/ ${UBUNTU_CODENAME}-updates main restricted universe multiverse" \ | sudo tee -a "$SOURCES_FILE" fi sudo DEBIAN_FRONTEND=noninteractive apt-get update From 902854fa9cfa2a16fa1b3c80e3f524c8c89a1d17 Mon Sep 17 00:00:00 2001 From: Romulo Quidute Filho Date: Sun, 1 Mar 2026 19:28:58 +0000 Subject: [PATCH 4/6] Fixed source file name --- scripts/ubuntu/1.2-install-additional-dependencies.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ubuntu/1.2-install-additional-dependencies.sh b/scripts/ubuntu/1.2-install-additional-dependencies.sh index 0f083f3f..1e19bf91 100755 --- a/scripts/ubuntu/1.2-install-additional-dependencies.sh +++ b/scripts/ubuntu/1.2-install-additional-dependencies.sh @@ -35,7 +35,7 @@ print_script_step "Install additional dependencies" # transitive -dev dependencies for libgstreamer1.0-dev. print_script_step "Ensuring -updates apt repository is configured" UBUNTU_CODENAME=$(lsb_release -cs) -SOURCES_FILE="/etc/apt/sources.list.d/ubuntu-sources" +SOURCES_FILE="/etc/apt/sources.list.d/ubuntu.sources" if [ ! -f "$SOURCES_FILE" ]; then SOURCES_FILE="/etc/apt/sources.list" fi From eeac39f57a3d87da630a8ee69fd2c31fc38700e7 Mon Sep 17 00:00:00 2001 From: Romulo Quidute Filho Date: Tue, 3 Mar 2026 17:51:23 +0000 Subject: [PATCH 5/6] Improve logic to update /etc/apt/sources.list.d/ubuntu.sources file --- scripts/ubuntu/1.2-install-additional-dependencies.sh | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/scripts/ubuntu/1.2-install-additional-dependencies.sh b/scripts/ubuntu/1.2-install-additional-dependencies.sh index 1e19bf91..b8615e77 100755 --- a/scripts/ubuntu/1.2-install-additional-dependencies.sh +++ b/scripts/ubuntu/1.2-install-additional-dependencies.sh @@ -36,12 +36,10 @@ print_script_step "Install additional dependencies" print_script_step "Ensuring -updates apt repository is configured" UBUNTU_CODENAME=$(lsb_release -cs) SOURCES_FILE="/etc/apt/sources.list.d/ubuntu.sources" -if [ ! -f "$SOURCES_FILE" ]; then - SOURCES_FILE="/etc/apt/sources.list" -fi -if ! grep -q "${UBUNTU_CODENAME}-updates" "$SOURCES_FILE" /etc/apt/sources.list.d/*.list 2>/dev/null; then - echo "deb http://ports.ubuntu.com/ubuntu-ports/ ${UBUNTU_CODENAME}-updates main restricted universe multiverse" \ - | sudo tee -a "$SOURCES_FILE" +if [ -f "$SOURCES_FILE" ] && grep -q "^Suites:" "$SOURCES_FILE"; then + if ! grep -q "${UBUNTU_CODENAME}-updates" "$SOURCES_FILE"; then + sudo sed -i "/^Suites:.*${UBUNTU_CODENAME}\([^-]\|$\)/ s/$/ ${UBUNTU_CODENAME}-updates/" "$SOURCES_FILE" + fi fi sudo DEBIAN_FRONTEND=noninteractive apt-get update From d78c3eea51b6e4bb8e5c955220a52abc78a7b7c2 Mon Sep 17 00:00:00 2001 From: Romulo Quidute Filho Date: Mon, 16 Mar 2026 23:41:18 +0000 Subject: [PATCH 6/6] Improved the way to include UBUNTU_CODENAME-update into ubuntu.sources file --- scripts/ubuntu/1.2-install-additional-dependencies.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/ubuntu/1.2-install-additional-dependencies.sh b/scripts/ubuntu/1.2-install-additional-dependencies.sh index b8615e77..c8d13c57 100755 --- a/scripts/ubuntu/1.2-install-additional-dependencies.sh +++ b/scripts/ubuntu/1.2-install-additional-dependencies.sh @@ -38,7 +38,7 @@ UBUNTU_CODENAME=$(lsb_release -cs) SOURCES_FILE="/etc/apt/sources.list.d/ubuntu.sources" if [ -f "$SOURCES_FILE" ] && grep -q "^Suites:" "$SOURCES_FILE"; then if ! grep -q "${UBUNTU_CODENAME}-updates" "$SOURCES_FILE"; then - sudo sed -i "/^Suites:.*${UBUNTU_CODENAME}\([^-]\|$\)/ s/$/ ${UBUNTU_CODENAME}-updates/" "$SOURCES_FILE" + sudo sed -i -E "/^Suites:.*\b${UBUNTU_CODENAME}\b([^-]|$)/ s/$/ ${UBUNTU_CODENAME}-updates/" "$SOURCES_FILE" fi fi sudo DEBIAN_FRONTEND=noninteractive apt-get update