Ubuntu and Debian package management commands: apt, dpkg

Both Ubuntu and Debian have a layered packaged management system that consists of many different commands for different areas. There is apt-get, apt, apt-cache, aptitude, dpkg, apt-file and graphical tools. Instead of discussing all these tools in detail we focus in the following on some common package management tasks and we use only the command line.

Operations on installed packages

list installed package names

dpkg -l or dpkg --get-selections or apt list --installed

list files in an installed package

dpkg -L PackageName

verify the integrity of the files of an installed package with checksums

dpkg --verify PackageName
This prints nothing if everything is OK.

Check system for missing/broken dependencies

apt-get check

show name of package to which an already installed file belongs

dpkg -S /path/to/file/name

show a description and other info about an installed package

dpkg-query -s PackageName

show just name and version of an installed package

dpkg-query -W PackageName

Operations on .deb files (not installed packages)

show info about a not yet installed .deb package file

These do not install the package. You are just investigating the deb files.
Show description: dpkg -I PackageFile.deb or dpkg-deb --info PackageFile.deb Show dependencies needed to install this package: dpkg -I PackageFile.deb | grep Depends Show files inside package: dpkg-deb --contents PackageFile.deb

Operations on the repository database

These operations allow you to investigate not yet installed packages (and possibly installed ones) but you are getting the date from the local repository database cache.

List package names

apt-cache pkgnames

Show description of package

apt-cache show PackageName

Show list of dependencies of package

apt-cache showpkg PackageName

Show summary of package and where it would be fetched from if installed

apt-cache madison PackageName
This shows as well all the package versions that are available.

List known remote repositories

apt-cache policy

check available package version vs installed version

apt-cache policy PackageName

update the meta database containing information about available packages

apt-get update

Package installation

Install package (and download it automatically)

apt-get install PackageName

Check if a package was installed because it is needed by some other package

Why was this package installed?
aptitude why PackageName

Install package from a .deb file

investigate the dependencies of a .db file dpkg -I PackageFile.deb | grep Depends install all the dependencies with apt-get install PackageName and then install the actual debian file dpkg -i PackageFile.deb
dpkg -i PackageFile.deb followed by apt-get install -f to install any missing dependencies
copy your .deb file to /var/cache/apt/archives/ after that install: apt-get install PackageName

Update a single package to a newer version

apt-get install PackageName --only-upgrade

Add an external 3rd party repository

Be careful with installing from thirdparty repos. This can possibly break dependencies if the repo is not properly maintained.
add-apt-repository ppa:...... apt-get update and then just install the package that you need from this repo: apt-get install PackageName

List repos that you had added

apt policy| less This list all repos, you simply search for ppa

Delete a ppa repo

add-apt-repository --remove ppa:..... or ppa-purge ppa:.....

Download .deb files

Most of the already installed deb files are at /var/cache/apt/archives/ unless you delete them after installation.

Download .deb file

apt-get install -d PackageName This downloads only and does not install. It works only for not yet installed packages. The file will end up at /var/cache/apt/archives/
apt-get install --reinstall -d PackageName This downloads only and works for already installed packages. The file will end up at /var/cache/apt/archives/
apt-get download PackageName This downloads the .deb file to the current directory

mark packages to not change and update

mark a package

apt-mark PackageName This will freeze the package such that it does not update.

list marked packages

apt-mark showhold


delete and remove config files

apt-get purge PackageName

delete and WITHOUT remove config files

apt-get remove PackageName

Remove a package that is broken (files were already manually deleted)

dpkg --remove --force-remove-reinstreq PackageName
Try the above dpkg --remove command but it might fail if there are any pre-removal and post-installation scripts that can not deal with packages that were manually removed. These scripts will then return an error exit code and this causes the process to fail. Here is an example of google-chrome-stable that is behaving like that. I had manually (outside of dpkg/apt) installed a new version and now it produces this error when I try to clean-up the dpkg database:
# dpkg --remove --force-remove-reinstreq google-chrome-stable
(Reading database ... 325937 files and directories currently installed.)
Removing google-chrome-stable (61.0.3163.100-1) ...
xdg-icon-resource: size argument must be numeric
Try 'xdg-icon-resource --help' for more information.
dpkg: error processing package google-chrome-stable (--remove):
 subprocess installed pre-removal script returned error exit status 1
xdg-icon-resource: size argument must be numeric
Try 'xdg-icon-resource --help' for more information.
dpkg: error while cleaning up:
 subprocess installed post-installation script returned error exit status 1
Errors were encountered while processing:
  1. Use dpkg -L google-chrome-stable to list all the files and make sure they are really deleted
  2. The scripts that are causing the problem are in /var/lib/dpkg/info:
    # cd /var/lib/dpkg/info
    # ls | grep google
  3. Edit the removal scritps and put exit 0 at the top: vi google-chrome-stable.postrm google-chrome-stable.prerm
  4. Run: dpkg --remove --force-remove-reinstreq google-chrome-stable
  5. dpkg -l | grep google-chrome-stable
    Will now show that you have config files (rc).
  6. Run dpkg --purge google-chrome-stable to remove everything

Things to avoid

It is unfortunately possible to mess-up the system and acidently remove essential packages or get into a failed upgrade situation. Such cases are rare but they can mess-up a previously perfect computer.

Check the printout before your say yes

If you do apt-get install PackageName then dependencies should be downloaded but no packages should be removed. If you see number of packages that will be removed as non zero then stop and investigate. It should always say "0 to remove" when your intention was to install a new package.

Commands to avoid

Avoid do-release-upgrade Never run this command especially on an older system that has a mixture of files installed from source tar-files, manually downloaded .deb files and files installed via apt-get install. For such a system a relase upgrade could be very dangerous. To apply security fixes and other updates you can run apt upgrade but check how many packages it wants to upgrade. If it is too much then it might result in problems.

© Guido Socher,