Using dpkg for Binary Package Management
NAME
apt - command-line interface (Linux)
SYNOPSIS
apt [-h] [-o=config_string] [-c=config_file] [-t=target_release] [-a=architecture] {list | search | show | update | install pkg [{=pkg_version_number | /target_release}]... | remove pkg... | upgrade | full-upgrade | edit-sources | {-v | --version} | {-h | --help}}
DESCRIPTION
apt provides a high-level command-line interface for the package management system. It is intended as an end user interface and enables some options better suited for interactive usage by default compared to more specialized APT tools like apt-get and apt-cache.
Much like apt itself, its manpage is intended as an end user interface and as such only mentions the most used commands and options partly to not duplicate information in multiple places and partly to avoid overwhelming readers with a cornucopia of options and details.
update (apt-get)
update is used to download package information from all configured sources. Other commands operate on this data to e.g. perform package upgrades or search in and display details about all packages available for installation.
upgrade (apt-get)
upgrade is used to install available upgrades of all packages currently installed on the system from the sources configured via sources.list. New packages will be installed if required to satisfy dependencies, but existing packages will never be removed. If an upgrade for a package requires the removal of an installed package the upgrade for this package isn't performed.
full-upgrade (apt-get)
full-upgrade performs the function of upgrade but will remove currently installed packages if this is needed to upgrade the system as a whole.
install, reinstall, remove, purge (apt-get)
Performs the requested action on one or more packages specified via regex, glob or exact match. The requested action can be overridden for specific packages by appending a plus (+) to the package name to install this package or a minus (-) to remove it.
A specific version of a package can be selected for installation by following the package name with an equals (=) and the version of the package to select. Alternatively the version from a specific release can be selected by following the package name with a forward slash (/) and codename (buster, bullseye, sid ...) or suite name (stable, testing, unstable). This will also select versions from this release for dependencies of this package if needed to satisfy the request.
Removing a package removes all packaged data, but leaves usually small (modified) user configuration files behind, in case the remove was an accident. Just issuing an installation request for the accidentally removed package will restore its function as before in that case. On the other hand you can get rid of these leftovers by calling purge even on already removed packages. Note that this does not affect any data or configuration stored in your home directory.
autoremove (apt-get)
autoremove is used to remove packages that were automatically installed to satisfy dependencies for other packages and are now no longer needed as dependencies changed or the package(s) needing them were removed in the meantime.
You should check that the list does not include applications you have grown to like even though they were once installed just as a dependency of another package. You can mark such a package as manually installed by using apt-mark. Packages which you have installed explicitly via install are also never proposed for automatic removal.
search (apt-cache)
search can be used to search for the given regex term(s) in the list of available packages and display matches. This can e.g. be useful if you are looking for packages having a specific feature. If you are looking for a package including a specific file try apt-file.
show (apt-cache)
Show information about the given package(s) including its dependencies, installation and download size, sources the package is available from, the description of the package's content and much more. It can e.g. be helpful to look at this information before allowing apt to remove a package or while searching for new packages to install.
list (work-in-progress)
list is somewhat similar to dpkg-query --list in that it can display a list of packages satisfying certain criteria. It supports glob patterns for matching package names as well as options to list installed (--installed), upgradeable (--upgradeable) or all available (--all-versions) versions.
edit-sources (work-in-progress)
edit-sources lets you edit your sources.list files in your preferred text editor while also providing basic sanity checks.
Key Management
NAME
apt-key - APT key management utility (Linux)
SYNOPSIS
apt-key [--keyring filename] {add filename | del keyid | export keyid | exportall | list | finger | adv | update | net-update | {-v | --version} | {-h | --help}}
DESCRIPTION
apt-key is used to manage the list of keys used by apt to authenticate packages. Packages which have been authenticated using these keys will be considered trusted.
Note that if usage of apt-key is desired, the additional installation of the GNU Privacy Guard suite (packaged in gnupg) is required. For this reason alone the programmatic usage (especially in package maintainer scripts!) is strongly discouraged. Furthermore, the output format of all commands is undefined and can and does change whenever the underlying commands change. apt-key will try to detect such usage and generates warnings on stderr in these cases.
SUPPORTED KEYRING FILES
apt-key supports only the binary OpenPGP format (also known as "GPG key public ring") in files with the "gpg" extension, not the keybox database format introduced in newer gpg versions as default for keyring files. Binary keyring files intended to be used with any apt version should therefore always be created with gpg --export.
Alternatively, if all systems which should be using the created keyring have at least apt version >= 1.4 installed, you can use the ASCII armored format with the "asc" extension instead which can be created with gpg --armor --export.
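The format rules above can be checked by content rather than by file name. The following is an added example, not part of apt or this manual page: the function names are hypothetical, and the magic-byte tests are heuristics based on the OpenPGP packet header and the keybox "KBXf" marker, not the checks apt itself performs.

```shell
#!/bin/sh
# Added example: classify keyring files by content and compare with the extension.

# Print the container format: gpg (binary OpenPGP), asc (ASCII armored),
# kbx (GnuPG keybox database) or unknown. Heuristic, based on leading bytes.
keyring_format() {
    [ -s "$1" ] || { echo unknown; return 0; }
    # Keybox files carry the magic "KBXf" at byte offset 8.
    magic=$(dd if="$1" bs=1 skip=8 count=4 2>/dev/null | od -An -tx1 | tr -d ' \n')
    if [ "$magic" = 4b425866 ]; then echo kbx; return 0; fi
    # Armored exports begin with the public key block header line.
    if head -n 1 "$1" | grep -q '^-----BEGIN PGP PUBLIC KEY BLOCK-----'; then
        echo asc; return 0
    fi
    # Binary exports begin with a public-key packet (tag 6): old-format
    # header 0x98/0x99/0x9a or new-format header 0xc6.
    case $(od -An -tx1 -N1 "$1" | tr -d ' \n') in
        98|99|9a|c6) echo gpg ;;
        *) echo unknown ;;
    esac
}

# Flag a file whose extension is not "gpg" or "asc", or whose content does
# not match its extension (a keybox database always fails this test).
check_keyring_file() {
    fmt=$(keyring_format "$1")
    case $1 in
        *.gpg) ext=gpg ;;
        *.asc) ext=asc ;;
        *) echo "FLAG $1: extension is not gpg or asc"; return 1 ;;
    esac
    if [ "$fmt" != "$ext" ]; then
        echo "FLAG $1: extension .$ext but content is $fmt"; return 1
    fi
    echo "OK $1 ($fmt)"
}

# Check every regular file in a keyring directory; non-zero if any is flagged.
audit_keyring_dir() {
    dir=${1:-/etc/apt/trusted.gpg.d}
    rc=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        check_keyring_file "$f" || rc=1
    done
    return $rc
}

# Run against a directory given on the command line, if any.
if [ "$#" -gt 0 ]; then audit_keyring_dir "$1"; fi
```

A flagged keybox file can be re-created in a supported format with gpg --export, as described above.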
COMMANDS
add filename
Add a new key to the list of trusted keys. The key is read from the filename given with the parameter filename or if the filename is - from standard input.
It is critical that keys added manually via apt-key are verified to belong to the owner of the repositories they claim to be for, otherwise the apt-secure infrastructure is completely undermined.
Note: Instead of using this command a keyring should be placed directly in the /etc/apt/trusted.gpg.d/ directory with a descriptive name and either "gpg" or "asc" as file extension.
del keyid
Remove a key from the list of trusted keys.
export keyid
Output the key keyid to standard output.
exportall
Output all trusted keys to standard output.
list, finger
List trusted keys with fingerprints.
adv
Pass advanced options to gpg. With adv --recv-key you can e.g. download a key from keyservers directly into the trusted set of keys. Note that there are no checks performed, so it is easy to completely undermine the apt-secure infrastructure if used without care.
update (deprecated)
Update the local keyring with the archive keyring and remove from the local keyring the archive keys which are no longer valid. The archive keyring is shipped in the archive-keyring package of your distribution, e.g. the debian-archive-keyring package in Debian.
Note that a distribution does not need to and in fact should not use this command any longer and instead ship keyring files in the /etc/apt/trusted.gpg.d/ directory directly as this avoids a dependency on gnupg and it is easier to manage keys by simply adding and removing files for maintainers and users alike.
net-update
Perform an update working similarly to the update command above, but get the archive keyring from a URI instead and validate it against a master key. This requires an installed download manager and an APT build configured to have a server to fetch from and a master keyring to validate. APT in Debian does not support this command, relying on update instead, but Ubuntu's APT does.
OPTIONS
Note that options need to be defined before the commands described in the previous section.
--keyring filename
With this option it is possible to specify a particular keyring file the command should operate on. The default is that a command is executed on the trusted.gpg file as well as on all parts in the trusted.gpg.d directory, though trusted.gpg is the primary keyring which means that e.g. new keys are added to this one.