An incorporation package specifies which versions of packages can be installed. These version constraints help keep the system in a supportable state across updates. See Incorporation Packages for more information about incorporation packages and constraints.
Some incorporated packages might be safe to downgrade or upgrade at a version different from the version specified by the incorporation. The version constraint is expressed by a version-lock.package facet specified in the incorporation package. The default value of the version-lock.package facet is true. To relax the version constraint on a package, set the value of its version-lock. facet to false.
In the following example, you want to downgrade to an earlier version of a package. The pkg update command downgrades as well as upgrades packages.
$ pkg list -af library/security/openssl NAME (PUBLISHER) VERSION IFO library/security/openssl 1.0.1.5-0.175.2.0.0.24.0 i-- library/security/openssl 1.0.1.5-0.175.2.0.0.23.0 --- $ pkg update library/security/openssl@1.0.1.5-0.175.2.0.0.23.0 Creating Plan (Solver setup): | pkg update: No matching version of library/security/openssl can be installed: Reject: pkg://solaris/library/security/openssl@1.0.1.5,5.11-0.175.2.0.0.23.0:20130916T191702Z Reason: This version is excluded by installed incorporation pkg://solaris/consolidation/userland/userland-incorporation@0.5.11,5.11-0.175.2.0.0.24.0:20131001T160408Z
The pkg contents command shows how this version constraint is set. To relax the version constraint on this package, set its version-lock facet to false. Then try the downgrade again. Notice that a new BE is not created, but a backup BE is created. See Boot Environment Policy Image Properties for information about when BEs are created.
$ pkg contents -m userland-incorporation | grep 'library/security/openssl'
depend facet.version-lock.library/security/openssl=true
fmri=pkg:/library/security/openssl@1.0.1.5-0.175.2.0.0.24.0 type=incorporate
$ pkg change-facet facet.version-lock.library/security/openssl=false
Packages to update: 850
Variants/Facets to change: 1
Create boot environment: No
Create backup boot environment: Yes
PHASE ITEMS
Removing old actions 1/1
Updating image state Done
Creating fast lookup database Done
Reading search index Done
Building new search index 850/850
$ pkg update library/security/openssl@1.0.1.5-0.175.2.0.0.23.0
Packages to update: 1
Create boot environment: No
Create backup boot environment: Yes
DOWNLOAD PKGS FILES XFER (MB) SPEED
Completed 1/1 10/10 1.6/1.6 0B/s
PHASE ITEMS
Removing old actions 3/3
Installing new actions 3/3
Updating modified actions 14/14
Updating package state database Done
Updating package cache 1/1
Updating image state Done
Creating fast lookup database Done
Reading search index Done
Updating search index 1/1
$ pkg list library/security/openssl
NAME (PUBLISHER) VERSION IFO
library/security/openssl 1.0.1.5-0.175.2.0.0.23.0 i--To prevent this package from being downgraded or upgraded, freeze the package at the current version. The “f” in the package listing indicates that the package is frozen.
$ pkg freeze -c "Downgrade to avoid bug" library/security/openssl library/security/openssl was frozen at 1.0.1.5,5.11-0.175.2.0.0.23.0:20130916T191702Z $ pkg list library/security/openssl NAME (PUBLISHER) VERSION IFO library/security/openssl 1.0.1.5-0.175.2.0.0.23.0 if-
To re-enable downgrade or upgrade, use the pkg unfreeze command to remove the version freeze. If the package is installed at a version lower than the version specified in the incorporation package, setting the version-lock facet for this package to true installs the version specified in the incorporation package.
If other installed packages have require dependency relationships with the package that you want to downgrade or upgrade, you might need to also relax version constraints on those related packages. In the following example, version constraints have been lifted on the hexedit package but installation is rejected because of version constraints on the system/library package.
$ pkg install editor/hexedit@1.2.12-0.175.2.0.0.25.0
Creating Plan (Solver setup): -
pkg install: No matching version of editor/hexedit can be installed:
Reject: pkg://solaris/editor/hexedit@1.2.12-0.175.2.0.0.25.0:20131014T170634Z
Reason: All versions matching 'require' dependency
pkg:/system/library@0.5.11,5.11-0.175.2.0.0.24.0 are rejected
Reject: pkg://solaris/system/library@0.5.11,5.11-0.175.2.0.0.24.0:20131001T152820Z
pkg://solaris/system/library@0.5.11,5.11-0.175.2.0.0.25.0:20131014T161136Z
Reason: This version is excluded by installed incorporation
pkg://solaris/consolidation/osnet/osnet-incorporation@0.5.11,5.11-0.175.2.0.0.24.0:20131001T150429ZIn addition to individual component packages, you can also relax version constraints on incorporations. In this case, setting the version-lock facet to false enables you to unlock the incorporation from the rest of the system. Though the incorporation package is unlocked, the packages it incorporates continue to be synchronized.