oam/knowledge base/apt.md

The APT package manager

Table of contents

1. TL;DR
2. Automate security upgrades
3. Configuration
4. Version pinning
5. Troubleshooting
   1. Fix a "Problem with MergeList" or "status file could not be parsed" error
   2. A package is not upgraded to the release and/or version I pinned
6. Further readings
7. Sources

TL;DR

# Check for broken dependencies.
sudo apt-get check

# Update the packages lists.
sudo apt update

# Upgrade the system.
sudo apt upgrade
sudo apt dist-upgrade

# Look for packages.
apt search 'ansible'
apt search --names-only 'python'

# Show details of packages.
apt show 'vlc'

# List a package's dependencies.
apt depends 'ufw'

# Install packages.
sudo apt install 'nano' 'python3-zstd/stable' 'gparted=0.16.1-1'

# Remove packages.
sudo apt remove 'dhclient' 'sudo'
sudo apt remove --purge 'bluez'
sudo apt purge 'crda'

# Remove orphaned packages.
sudo apt autoremove --purge

# List packages.
sudo apt list
sudo apt list --upgradable
sudo apt list --installed

# List explicitly installed packages only.
sudo apt-mark showmanual

# Mark packages as explicitly installed.
sudo apt-mark manual 'vim' 'unattended-upgrades'

# List non-explicitly installed packages only.
sudo apt-mark showauto

# Mark packages as non-explicitly installed.
sudo apt-mark auto 'zsh' 'bash-completion'
sudo apt-mark auto $(sudo apt-mark showmanual)

# Check package priorities.
apt-check policy
apt-check policy 'boinc-client'

# Reconfigure packages.
sudo dpkg-reconfigure 'mariadb-server'
sudo dpkg-reconfigure -p 'low' 'unattended-upgrades'

Automate security upgrades

Leverage unattended-upgrades for this.

# Configure the packages to keep up to date.
sudo dpkg-reconfigure -p 'low' 'unattended-upgrades'

# Check what packages would be installed.
sudo unattended-upgrade -d --dry-run

# Run manually.
sudo unattended-upgrade

Configuration

See Apt configuration for more information.

# /etc/apt/apt.conf.d/90default-release
APT::Default-Release "stable";

# /etc/apt/apt.conf.d/99parallel-fetch
APT::Acquire::Queue-Mode "access";
APT::Acquire::Retries 3;

Version pinning

See apt_preferences's man page for more information.

# /etc/apt/preferences.d/99perl
Package: perl
Pin: version 5.20*
Pin-Priority: 1001

# /etc/apt/preferences.d/90debian-release
Package: *
Pin: release a=testing
Pin-Priority: 990
Package: *
Pin: release a=stable
Pin-Priority: 500
Package: *
Pin: release a=unstable
Pin-Priority: -1

# /etc/apt/preferences.d/boinc
Package: boinc boinc-client boinc-manager libboinc7
Pin: release a=unstable
Pin-Priority: 995

Troubleshooting

Fix a "Problem with MergeList" or "status file could not be parsed" error

E: Encountered a section with no Package: header E: Problem with MergeList /var/lib/apt/lists/deb.debian.org_debian_dists_bullseye_main_i18n_Translation-en E: The package lists or status file could not be parsed or opened.

sudo rm -vrf '/var/lib/apt/lists/'*
sudo apt update

A package is not upgraded to the release and/or version I pinned

1. The effective priority of the package might be lower than expected.
   Check the package's priority is the one you wanted and is higher than the release's one.

   $ apt-cache policy 'boinc-client'
   boinc-client:
   Installed: 7.16.16+dfsg-1
   Candidate: 7.20.5+dfsg-1.1
   Version table:
      7.20.5+dfsg-1.1 990     <-- wanted candidate, with its pinned priority
         490 http://deb.debian.org/debian testing/main arm64 Packages
          -1 http://deb.debian.org/debian unstable/main arm64 Packages
   *** 7.16.16+dfsg-1 500     <-- usable candidate, with its effective priority
         500 http://deb.debian.org/debian bullseye/main arm64 Packages
         100 /var/lib/dpkg/status
   

2. The package might depend on other packages which are not upgradable at the moment, i.e. their current version might be required by other packages.
   Try installing/upgrading it specifying the desired release and version of the package:

   $ sudo apt upgrade boinc-client/testing
   Reading package lists... Done
   Building dependency tree... Done
   Reading state information... Done
   Selected version '7.20.5+dfsg-1.1' (Debian:testing, Debian:unstable [arm64]) for 'boinc-client'
   Selected version '7.20.5+dfsg-1.1' (Debian:testing, Debian:unstable [arm64]) for 'libboinc7' because of 'boinc-client'
   Selected version '2.36-9' (Debian:testing, Debian:unstable [arm64]) for 'libc6' because of 'libboinc7'
   Selected version '3.0.8-1' (Debian:testing, Debian:unstable [arm64]) for 'libssl3' because of 'libboinc7'
   Selected version '12.2.0-14' (Debian:testing, Debian:unstable [arm64]) for 'libstdc++6' because of 'libboinc7'
   Calculating upgrade... Done
   Some packages could not be installed. This may mean that you have
   requested an impossible situation or if you are using the unstable
   distribution that some required packages have not yet been created
   or been moved out of Incoming.
   The following information may help to resolve the situation:
   
   The following packages have unmet dependencies:
    libc-bin : Depends: libc6 (< 2.32) but 2.36-9 is to be installed
    libc-dev-bin : Depends: libc6 (< 2.32) but 2.36-9 is to be installed
    libc6-dbg : Depends: libc6 (= 2.31-13+rpt2+rpi1+deb11u5) but 2.36-9 is to be installed
    libc6-dev : Depends: libc6 (= 2.31-13+rpt2+rpi1+deb11u5) but 2.36-9 is to be installed
   E: Broken packages
   

Further readings

• Apt configuration
• Configuring Apt sources
• Unattended Upgrades
• apt_preferences's man page
• dpkg
• apt-file to look for files in packages
• netselect-apt to select the fastest APT mirror

Sources

All the references in the further readings section, plus the following:

• cheat.sh
• Fix a "Problem with MergeList" or "status file could not be parsed" error