Apt/Deb
Tasks
Show packages belonging to non-free
dpkg-query -W -f='${Section}\t${Package}\n' | grep ^non-free
List packages with version
apt list
apt list | grep oibaf
apt list | grep oi | cut -d' ' -f2
Search for packages that own files corresponding to the given pattern
$ apt search postgresql
# dpkg -S /usr/bin/host
bind9-host: /usr/bin/host
Downgrade a package
sh -c 'VER=5.8~bullseye; apt install winehq-staging=$VER wine-staging=$VER wine-staging-amd64=$VER wine-staging-i386=$VER'
Set a package on hold
me@computer:~$ apt-mark hold wine-staging wine-staging-amd64 wine-staging-i386:i386 winehq-staging
wine-staging set on hold.
wine-staging-amd64 set on hold.
wine-staging-i386:i386 set on hold.
winehq-staging set on hold.
Additionally, it is possible to create a /tmp/mypref file with this content:
Package: wine*:*
Pin: version 4.15~buster
Pin-Priority: 1001
and run the following:
me@computer:~$ apt -o Dir::Etc::Preferences=/tmp/mypref install winehq-staging wine-staging-amd64 wine-staging-i386 wine-staging
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be DOWNGRADED:
wine-staging wine-staging-amd64 wine-staging-i386:i386 winehq-staging
0 upgraded, 0 newly installed, 4 downgraded, 0 to remove and 0 not upgraded.
Need to get 136 MB of archives.
After this operation, 1.371 kB disk space will be freed.
Do you want to continue? [Y/n]
Preferences
If we want to have the sid repositories enabled on our computer without actually switching to sid (running stable or testing), we set this preference file /etc/apt/preferences.d/99sid
:
Package: *
Pin: release a=unstable
Pin-Priority: 110
This way, our sid packages keep being upgraded but the other packages belonging to another distribution won’t be upgraded to sid. In the following example, we see that the priority of the bullseye packages is 500
while the sid ones is 110
. The currently installed packages have a priority of 100
.
me@computer:~$ apt-cache policy linux-image-amd64
linux-image-amd64:
Installed: 5.6.7-1
Candidate: 5.6.7-1
Version table:
*** 5.6.7-1 500
500 https://ftp-stud.hs-esslingen.de/debian bullseye/main amd64 Packages
110 https://ftp-stud.hs-esslingen.de/debian sid/main amd64 Packages
100 /var/lib/dpkg/status
5.5.17-1~bpo10+1 100
100 https://ftp-stud.hs-esslingen.de/debian buster-backports/main amd64 Packages
4.19+105+deb10u4 500
500 https://ftp-stud.hs-esslingen.de/debian buster/main amd64 Packages
Utilities
apt – command-line interface
apt provides a high-level commandline interface for the package management system. It is intended as an end user interface and enables some options better suited for interactive usage by default compared to more specialized APT tools like apt-get(8) and apt-
cache(8).
apt update --allow-releaseinfo-change
apt-file — APT package searching utility
Useful to search for files in not installed packages
Finding relevant cache files to search …E: The cache is empty. You need to run "apt-file update" first.
leo@computer:~$ apt-file search fence_scsi_check
fence-agents: /usr/share/cluster/fence_scsi_check
fence-agents: /usr/share/cluster/fence_scsi_check_hardreboot
apt-show-versions – Lists available package versions with distribution
Find packages belonging to a distribution
$ apt-show-versions | grep buster
libfaudio0:amd64 19.10-0~buster newer than version in archive
libfaudio0:i386 19.10-0~buster newer than version in archive
virtualbox-6.0:amd64/buster 6.0.14-133895~Debian~buster uptodate
wine-staging:amd64 4.17~buster newer than version in archive
wine-staging-amd64:amd64 4.17~buster newer than version in archive
wine-staging-i386:i386 4.17~buster newer than version in archive
winehq-staging:amd64 4.17~buster newer than version in archive
apt-show-versions | grep sid
Remove all packages with a pattern
apt-show-versions | grep bareos | cut -d':' -f1 | xargs -n1 sudo apt remove -y
deborphan – Orphaned package finder
apt remove `deborphan`
apt purge `deborphan`
apt-cache
apt-cache – query the APT cache
Get package version:
root@ansible ~# apt-cache policy bind9-host
bind9-host:
Installed: 1:9.11.5.P4+dfsg-5.1+deb10u2
Candidate: 1:9.11.5.P4+dfsg-5.1+deb10u2
Version table:
*** 1:9.11.5.P4+dfsg-5.1+deb10u2 500
500 http://security.debian.org buster/updates/main amd64 Packages
500 http://deb.debian.org/debian buster/main amd64 Packages
100 /var/lib/dpkg/status
Get package dependencies:
apt-cache depends package-name
apt-cache rdepends package-name
apt-key (deprecated)
apt-key – APT key management utility
curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
$ sudo apt-key fingerprint 0EBFCD88
pub 4096R/0EBFCD88 2017-02-22
Key fingerprint = 9DC8 5822 9FC7 DD38 854A E2D8 8D81 803C 0EBF CD88
uid Docker Release (CE deb) <docker@docker.com>
sub 4096R/F273FCD8 2017-02-22
Remove a key from the binary file /etc/apt/trusted.gpg
$ apt-key list
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
/etc/apt/trusted.gpg
--------------------
pub rsa4096 2020-12-11 [SC]
C68B 001F 74D2 F202 43D0 B7A2 0CCB A537 DBE0 83A6
uid [ unknown] Bareos 20 Signing Key <signing@bareos.com>
/etc/apt/trusted.gpg.d/netdata.gpg
----------------------------------
pub rsa3072 2022-07-01 [SC]
6588 FDD7 B147 21FE 7C31 15E6 F917 7B52 65F5 6346
uid [ unknown] Netdatabot <bot@netdata.cloud>
sub rsa3072 2022-07-01 [E]
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
------------------------------------------------------
pub rsa4096 2012-05-11 [SC]
8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
uid [ unknown] Ubuntu CD Image Automatic Signing Key (2012) <cdimage@ubuntu.com>
/etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
------------------------------------------------------
pub rsa4096 2018-09-17 [SC]
F6EC B376 2474 EDA9 D21B 7022 8719 20D1 991B C93C
uid [ unknown] Ubuntu Archive Automatic Signing Key (2018) <ftpmaster@ubuntu.com>
$ sudo apt-key del 'C68B 001F 74D2 F202 43D0 B7A2 0CCB A537 DBE0 83A6'
Warning: apt-key is deprecated. Manage keyring files in trusted.gpg.d instead (see apt-key(8)).
OK
Signatures/public keys
root@bareos:/etc/apt/sources.list.d# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys E5D882B28657AE28
Executing: /tmp/apt-key-gpghome.of9N8ZWkz0/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys E5D882B28657AE28
gpg: key E5D882B28657AE28: public key "Bareos 19.2 Signing Key <signing@bareos.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
Deprecated: gpg keys are stored in /etc/apt/trusted.gpg.d/
gpg – OpenPGP encryption and signing tool
https://www.linuxuprising.com/2021/01/apt-key-is-deprecated-how-to-add.html
$ sudo apt update
Hit:1 http://de.archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://de.archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:3 http://de.archive.ubuntu.com/ubuntu jammy-backports InRelease
Hit:4 http://de.archive.ubuntu.com/ubuntu jammy-security InRelease
Get:5 https://repo.netdata.cloud/repos/stable/ubuntu jammy/ InRelease [1294 B]
Err:5 https://repo.netdata.cloud/repos/stable/ubuntu jammy/ InRelease
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F9177B5265F56346
Reading package lists... Done
W: GPG error: https://repo.netdata.cloud/repos/stable/ubuntu jammy/ InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY F9177B5265F56346
E: The repository 'https://repo.netdata.cloud/repos/stable/ubuntu jammy/ InRelease' is not signed.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
$ gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys F9177B5265F56346
gpg: key F9177B5265F56346: public key "Netdatabot <bot@netdata.cloud>" imported
gpg: Total number processed: 1
gpg: imported: 1
$ gpg --list-keys
/home/user/.gnupg/pubring.kbx
-----------------------------------
pub rsa3072 2022-07-01 [SC]
6588FDD7B14721FE7C3115E6F9177B5265F56346
uid [ unknown] Netdatabot <bot@netdata.cloud>
sub rsa3072 2022-07-01 [E]
$ gpg --output netdata.gpg --export bot@netdata.cloud
$ sudo cp netdata.gpg /etc/apt/trusted.gpg.d/