Workflow:
experimental → unstable (sid) → testing → stable
List installed packages from a release:
$ aptitude search ~i~Astable $ aptitude search ~i~Atesting $ aptitude search ~i~Aunstable $ aptitude search ~i~Aexperimental * https://wiki.debian.org/DebianReleases * https://wiki.debian.org/DebianOldStable * https://wiki.debian.org/DebianStable * https://wiki.debian.org/DebianTesting * https://wiki.debian.org/DebianUnstable * https://wiki.debian.org/DebianExperimental
See man sources.list(5), apt.conf(5), apt_preferences(5).
http://httpredir.debian.org/debian/ used for automatic balancing to nearest perository. Corresponding /etc/apt/sources.list may have:
deb http://httpredir.debian.org/debian/ stable main contrib non-free deb http://httpredir.debian.org/debian/ stable-backports main contrib non-free deb http://httpredir.debian.org/debian/ unstable main contrib non-free deb http://httpredir.debian.org/debian/ experimental main contrib non-free deb http://httpredir.debian.org/debian/ testing main contrib non-free deb http://httpredir.debian.org/debian/ testing main contrib non-free
Security updates destributed via different URL (for oldstable, stable and testing only, of cause there are no reason for sid or experimental):
deb http://security.debian.org/ oldstable main contrib non-free deb http://security.debian.org/ stable main contrib non-free deb http://security.debian.org/ testing main contrib non-free
Other useful repositories:
deb http://www.deb-multimedia.org testing main non-free
To include config as separate file add file with name like:
/etc/apt/sources.list.d/*.list /etc/apt/sources.list.d/testing.list /etc/apt/sources.list.d/sid.list
To disable installation of recommended packages (which is by default) create file /etc/apt/apt.conf.d/01no-recommends:
APT::Install-Recommends "0"; APT::AutoRemove::RecommendsImportant "1"; APT::Install-Suggests "0";
Alternatively pass corresponding option to installation utility to suppress installation of recommended packages:
apt --no-install-recommends aptitude --without-recommends aptitude -R
To install suggested packages:
apt --install-suggests aptitude --install-suggests
Verify settings:
apt-config dump | fgrep -i recommend apt-config dump | fgrep -i suggest
Newer approach for selecting mirror is via DNS balancing from httpredir.debian.org. Just use:
deb http://httpredir.debian.org/debian/ stable main contrib non-free
Older approach to select nearest mirrors is:
$ sudo apt-get install netselect-apt $ netselect-apt stable $ netselect-apt testing $ netselect-apt unstable $ netselect-apt experimental $ netselect-apt sid
To show available attributes for package sources:
apt-cache policy
...
500 http://deb.debian.org/debian buster-updates/main amd64 Packages
release o=Debian,a=stable-updates,n=buster-updates,l=Debian,c=main,b=amd64
origin deb.debian.org
...
/etc/apt/preferences:
Package: * Pin: release a=stable Pin-Priority: 800 Package: * Pin: release a=testing Pin-Priority: 900 Package: * Pin: release a=unstable Pin-Priority: 700 Package: * Pin: release a=experimental Pin-Priority: 600
Example that prevent installing *systemd* packages (priority strictly below 0 forbid package to be installed):
Package: systemd Pin: origin "" Pin-Priority: -1 Package: *systemd* Pin: origin "" Pin-Priority: -1
Example that avoid installing packages from different distribution (priority strictly below 100 cause a version to be installed only if there is no installed version of the package), you should keep main distribution priority above foreign distro priority:
Package: * Pin: release a=testing Pin-Priority: 990 Package: * Pin: release o=Kali Pin-Priority: 50
To discover package priority:
bash# apt-cache madison emacs24
emacs24 | 24.5+1-3 | http://ftp.us.debian.org/debian/ testing/main amd64 Packages
emacs24 | 24.4+1-5 | http://http.kali.org/kali/ kali-current/main amd64 Packages
emacs24 | 24.5+1-3 | http://ftp.us.debian.org/debian/ testing/main Sources
bash# apt-cache policy emacs24
emacs24:
Installed: 24.5+1-3
Candidate: 24.5+1-3
Version table:
*** 24.5+1-3 0
990 http://ftp.us.debian.org/debian/ testing/main amd64 Packages
100 /var/lib/dpkg/status
24.4+1-5 0
50 http://http.kali.org/kali/ kali-current/main amd64 Packages
bash# aptitude versions emacs24
Package emacs24:
p 24.4+1-5 kali-current 50
i 24.5+1-3 testing 990
Main backports archive located at http://www.backports.org.
To get packeges gpg sign key:
$ su ... $ wget -O - http://backports.org/debian/archive.key | apt-key add - $ ^D
Write where packeges places:
$ cat /etc/apt/sources.list deb http://www.backports.org/debian/ etch-backports main contrib non-free
Usualy you can safely update keyring via debian-keyring package because it is signed by prevoius keyring:
$ sudo apt-get install debian-keyring
Defferent 3rd party provide keys for download. If you trust key (or get it in a trusted way) it is easy to import it:
$ sudo apt-key add $FILE.pgp
Another way to resolve warning:
$ sudo apt-get update ... W: There is no public key available for the following key IDs: 9AA38DCD55BE302B W: GPG error: http://http.us.debian.org etch Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 9AA38DCD55BE302B ...
is to use key servers directly:
$ gpg --keyserver pgp.mit.edu --recv-key 9AA38DCD55BE302B \ --keyserver-options http-proxy=http://user:pass@192.168.1.1:3128 gpg: requesting key 55BE302B from hkp server pgp.mit.edu gpg: key 55BE302B: public key "Debian Archive Automatic Signing Key (5.0/lenny) <ftpmaster@debian.org>" imported gpg: no ultimately trusted keys found gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) $ gpg --export 9AA38DCD55BE302B | sudo apt-key add - OK
List all known packages:
apt list
List installed packages:
apt list --installed
List upgradable packages:
apt list --upgradable
$ apt-get install build-essential # install dev LIBC and GCC C/C++ $ sudo apt-get build-dep $package
If all you want is checking what packages are needed to build a given package:
$ apt-cache showsrc $package
or check 'Build-Depends' attribute in:
$ apt-cache show $package
To get list of such packages use one of:
$ aptitude search ~c $ grep-status -n -sPackage -FStatus config-files
To remove them:
$ aptitude purge ~c
To get list of such packages use:
$ aptitude search ~o
To remove them:
$ aptitude purge ~o
To remove packages that were automatically installed to satisfy dependencies and are now no longer needed:
$ sudo apt-get autoremove
Remove everything from /var/cache/apt/archives/ and /var/cache/apt/archives/partial/:
$ sudo apt-get clean
Removes package files that can no longer be downloaded, and are largely useless:
$ sudo apt-get autoclean
$ sudo debsums --changed
$ aptitude search '?tag(works-with::logfile)'
$ apt-cache dotty $PKG | dot -Tsvg >$PKG.svg && see $PKG.svg $ sudo apt-get install debtree $ debtree $PKG | dot -Tsvg >$PKG.svg && see $PKG.svg $ sudo apt-get install apt-rdepends $ apt-rdepends $PKG $ apt-rdepends -r $PKG $ apt-rdepends -d $PKG | dot -Tsvg >$PKG.svg && see $PKG.svg $ apt-rdepends -d -r $PKG | dot -Tsvg >$PKG.svg && see $PKG.svg
Simulation for apt-get and aptitude shows what happen without actually modifying or installing any packages.
Simulate install or upgrade with -s key:
$ sudo apt-get install -s xterm $ sudo aptitude install -s xterm $ sudo apt-get upgrade -s $ sudo aptitude upgrade -s
Following removes or override (like "hold" status) aptitude package state DB:
sudo rm /var/lib/aptitude/pkgstates sudo aptitude keep-all