6.2. aptitude
, apt-get
, and apt
Commands
APT is a vast project, whose original plans included a graphical interface. It is based on a library which contains the core application, and apt-get
is the first front end — command-line based — which was developed within the project. apt
is a second command-line based front end provided by APT which overcomes some design mistakes of apt-get
.
Both tools are built on top of the same library and are thus very close but the default behaviour of apt
has been improved for interactive use and to actually do what most users expect. APT's developers reserve the right to change the public interface of this tool to further improve it. On the opposite, the public interface of apt-get
is well defined and will not change in any backwards incompatible way. It is thus the tool that you want to use when you need to script package installation requests.
Numerous other graphical interfaces then appeared as external projects: synaptic
, aptitude
(which includes both a text mode interface and a graphical one — even if not complete yet), wajig
, etc. The most recommended interface, apt
, is the one that we will use in the examples given in this section. Note however that apt-get
and aptitude
have a very similar command line syntax. When there are major differences between apt
, apt-get
and aptitude
, these differences will be detailed.
For any work with APT, the list of available packages needs to be updated; this can be done simply through apt update
. Depending on the speed of your connection, the operation can take a while since it involves downloading a certain number of Packages
/Sources
/Translation-language-code
files, which have gradually become bigger and bigger as Debian has developed (at least 10 MB of data for the main
section). Of course, installing from a CD-ROM set does not require any downloading — in this case, the operation is very fast.
6.2.2. Installing and Removing
With APT, packages can be added or removed from the system, respectively with apt install package
and apt remove package
. In both cases, APT will automatically install the necessary dependencies or delete the packages which depend on the package that is being removed. The apt purge package
command involves a complete uninstallation — the configuration files are also deleted.
If the file
sources.list
mentions several distributions, it is possible to give the version of the package to install. A specific version number can be requested with
apt install package=version
, but indicating its distribution of origin (
Stable,
Testing or
Unstable) — with
apt install package/distribution
— is usually preferred. With this command, it is possible to go back to an older version of a package (if for instance you know that it works well), provided that it is still available in one of the sources referenced by the
sources.list
file. Otherwise the
snapshot.debian.org
archive can come to the rescue (see sidebar
GOING FURTHER Old package versions: snapshot.debian.org
).
예 6.3. Installation of the unstable version of spamassassin
#
apt install spamassassin/unstable
If the package to install has been made available to you under the form of a simple .deb
file without any associated package repository, it is still possible to use APT to install it together with its dependencies (provided that the dependencies are available in the configured repositories) with a simple command: apt install ./path-to-the-package.deb
. The leading ./
is important to make it clear that we are referring to a filename and not to the name of a package available in one of the repositories.
Regular upgrades are recommended, because they include the latest security updates. To upgrade, use apt upgrade
, apt-get upgrade
or aptitude safe-upgrade
(of course after apt update
). This command looks for installed packages which can be upgraded without removing any packages. In other words, the goal is to ensure the least intrusive upgrade possible. apt-get
is slightly more demanding than aptitude
or apt
because it will refuse to install packages which were not installed beforehand.
apt
will generally select the most recent version number (except for packages from Experimental and stable-backports, which are ignored by default whatever their version number). If you specified Testing or Unstable in your sources.list
, apt upgrade
will switch most of your Stable system to Testing or Unstable, which might not be what you intended.
To tell apt
to use a specific distribution when searching for upgraded packages, you need to use the -t
or --target-release
option, followed by the name of the distribution you want (for example: apt -t stable upgrade
). To avoid specifying this option every time you use apt
, you can add APT::Default-Release "stable";
in the file /etc/apt/apt.conf.d/local
.
For more important upgrades, such as the change from one major Debian version to the next, you need to use apt full-upgrade
. With this instruction, apt
will complete the upgrade even if it has to remove some obsolete packages or install new dependencies. This is also the command used by users who work daily with the Debian Unstable release and follow its evolution day by day. It is so simple that it hardly needs explanation: APT's reputation is based on this great functionality.
Unlike apt
and aptitude
, apt-get
doesn't know the full-upgrade
command. Instead, you should use apt-get dist-upgrade
(”distribution upgrade”), the historical and well-known command that apt
and aptitude
also accept for the convenience of users who got used to it.
6.2.4. Configuration Options
Besides the configuration elements already mentioned, it is possible to configure certain aspects of APT by adding directives in a file of the /etc/apt/apt.conf.d/
directory. Remember for instance that it is possible for APT to tell dpkg
to ignore file conflict errors by specifying DPkg::options { "--force-overwrite"; }
.
If the Web can only be accessed through a proxy, add a line like
Acquire::http::proxy "http://yourproxy:3128"
. For an FTP proxy, write
Acquire::ftp::proxy "ftp://yourproxy"
. To discover more configuration options, read the
apt.conf(5) manual page with the
man apt.conf
command (for details on manual pages, see
7.1.1절. “Manual Pages”).
6.2.5. Managing Package Priorities
One of the most important aspects in the configuration of APT is the management of the priorities associated with each package source. For instance, you might want to extend one distribution with one or two newer packages from Testing, Unstable or Experimental. It is possible to assign a priority to each available package (the same package can have several priorities depending on its version or the distribution providing it). These priorities will influence APT's behavior: for each package, it will always select the version with the highest priority (except if this version is older than the installed one and if its priority is less than 1000).
APT defines several default priorities. Each installed package version has a priority of 100. A non-installed version has a priority of 500 by default, but it can jump to 990 if it is part of the target release (defined with the -t
command-line option or the APT::Default-Release
configuration directive).
You can modify the priorities by adding entries in the /etc/apt/preferences
file with the names of the affected packages, their version, their origin and their new priority.
APT will never install an older version of a package (that is, a package whose version number is lower than the one of the currently installed package) except if its priority is higher than 1000. APT will always install the highest priority package which follows this constraint. If two packages have the same priority, APT installs the newest one (whose version number is the highest). If two packages of same version have the same priority but differ in their content, APT installs the version that is not installed (this rule has been created to cover the case of a package update without the increment of the revision number, which is usually required).
In more concrete terms, a package whose priority is less than 0 will never be installed. A package with a priority ranging between 0 and 100 will only be installed if no other version of the package is already installed. With a priority between 100 and 500, the package will only be installed if there is no other newer version installed or available in another distribution. A package of priority between 501 and 990 will only be installed if there is no newer version installed or available in the target distribution. With a priority between 990 and 1000, the package will be installed except if the installed version is newer. A priority greater than 1000 will always lead to the installation of the package even if it forces APT to downgrade to an older version.
When APT checks /etc/apt/preferences
, it first takes into account the most specific entries (often those specifying the concerned package), then the more generic ones (including for example all the packages of a distribution). If several generic entries exist, the first match is used. The available selection criteria include the package's name and the source providing it. Every package source is identified by the information contained in a Release
file that APT downloads together with the Packages
files. It specifies the origin (usually “Debian” for the packages of official mirrors, but it can also be a person's or an organization's name for third-party repositories). It also gives the name of the distribution (usually Stable, Testing, Unstable or Experimental for the standard distributions provided by Debian) together with its version (for example 9 for Debian Stretch). Let's have a look at its syntax through some realistic case studies of this mechanism.
Let's suppose that you only want to use packages from the stable version of Debian. Those provided in other versions should not be installed except if explicitly requested. You could write the following entries in the /etc/apt/preferences
file:
a=stable
defines the name of the selected distribution. o=Debian
limits the scope to packages whose origin is “Debian”.
Let's now assume that you have a server with several local programs depending on the version 5.24 of Perl and that you want to ensure that upgrades will not install another version of it. You could use this entry:
The reference documentation for this configuration file is available in the manual page apt_preferences(5), which you can display with man apt_preferences
.
6.2.6. Working with Several Distributions
apt
being such a marvelous tool, it is tempting to pick packages coming from other distributions. For example, after having installed a Stable system, you might want to try out a software package available in Testing or Unstable without diverging too much from the system's initial state.
Even if you will occasionally encounter problems while mixing packages from different distributions,
apt
manages such coexistence very well and limits risks very effectively. The best way to proceed is to list all distributions used in
/etc/apt/sources.list
(some people always put the three distributions, but remember that
Unstable is reserved for experienced users) and to define your reference distribution with the
APT::Default-Release
parameter (see
6.2.3절. “System Upgrade”).
Let's suppose that Stable is your reference distribution but that Testing and Unstable are also listed in your sources.list
file. In this case, you can use apt install package/testing
to install a package from Testing. If the installation fails due to some unsatisfiable dependencies, let it solve those dependencies within Testing by adding the -t testing
parameter. The same obviously applies to Unstable.
In this situation, upgrades (
upgrade
and
full-upgrade
) are done within
Stable except for packages already upgraded to another distribution: those will follow updates available in the other distributions. We will explain this behavior with the help of the default priorities set by APT below. Do not hesitate to use
apt-cache policy
(see sidebar
TIP apt-cache policy
) to verify the given priorities.
Everything centers around the fact that APT only considers packages of higher or equal version than the installed one (assuming that /etc/apt/preferences
has not been used to force priorities higher than 1000 for some packages).
Let's assume that you have installed version 1 of a first package from Stable and that version 2 and 3 are available respectively in Testing and Unstable. The installed version has a priority of 100 but the version available in Stable (the very same) has a priority of 990 (because it is part of the target release). Packages in Testing and Unstable have a priority of 500 (the default priority of a non-installed version). The winner is thus version 1 with a priority of 990. The package “stays in Stable”.
Let's take the example of another package whose version 2 has been installed from Testing. Version 1 is available in Stable and version 3 in Unstable. Version 1 (of priority 990 — thus lower than 1000) is discarded because it is lower than the installed version. This only leaves version 2 and 3, both of priority 500. Faced with this alternative, APT selects the newest version, the one from Unstable.If you don't want a package installed from Testing to migrate to Unstable, you have to assign a priority lower than 500 (490 for example) to packages coming from Unstable. You can modify /etc/apt/preferences
to this effect:
Package: *
Pin: release a=unstable
Pin-Priority: 490
6.2.7. Tracking Automatically Installed Packages
One of the essential functionalities of apt
is the tracking of packages installed only through dependencies. These packages are called “automatic”, and often include libraries for instance.
With this information, when packages are removed, the package managers can compute a list of automatic packages that are no longer needed (because there is no “manually installed” packages depending on them). apt-get autoremove
or apt autoremove
will get rid of those packages. aptitude
does not have this command because it removes them automatically as soon as they are identified. In all cases, the tools display a clear message listing the affected packages.
It is a good habit to mark as automatic any package that you don't need directly so that they are automatically removed when they aren't necessary anymore.
apt-mark auto package
will mark the given package as automatic whereas
apt-mark manual package
does the opposite.
aptitude markauto
and
aptitude unmarkauto
work in the same way although they offer more features for marking many packages at once (see
6.4.1절. “aptitude
”). The console-based interactive interface of
aptitude
also makes it easy to review the “automatic flag” on many packages.
People might want to know why an automatically installed package is present on the system. To get this information from the command line, you can use aptitude why package
(apt
and apt-get
have no similar feature):
$
aptitude why python-debian
i aptitude Recommends apt-xapian-index
i A apt-xapian-index Depends python-debian (>= 0.1.15)