apt Cheatsheet

Unpacking .deb files

root@server01:~# apt-cache search isc-dhcp
isc-dhcp-client - ISC DHCP client
isc-dhcp-client-dbg - ISC DHCP client (debugging symbols)
isc-dhcp-common - common files used by all the isc-dhcp* packages
...edited...

root@server01:~# apt-get install tree
Re ading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed
  tree
0 to upgrade, 1 to newly install, 0 to remove and 2 not to upgrade.
Need to get 28.4 kB of archives.
After this operation, 102 kB of additional disk space will be used.
Get:1 http://gb.archive.ubuntu.com/ubuntu/ precise/universe tree amd64 1.5.3-2 [28.4 kB]
Fetched 28.4 kB in 0s (834 kB/s)
Selecting previously unselected package tree.
(Reading database ... 55136 files and directories currently installed.)
Unpacking tree (from .../tree_1.5.3-2_amd64.deb) ...
Processing triggers for man-db ...
Setting up tree (1.5.3-2) ...
root@server01:~# 

root@server01:~# dpkg --get-selections | grep -v deinstall | grep dhcp
isc-dhcp-client                                 install
isc-dhcp-common                                 install
root@server01:~# 

root@server01:/# dpkg -l | grep openssl
ii  openssl                          1.0.1-4ubuntu5.12                 Secure Socket Layer (SSL) binary and related cryptographic tools
ii  python-openssl                   0.12-1ubuntu2.1                   Python wrapper around the OpenSSL library
root@server01:/b# 

root@server01:/# dpkg -p openssl
Package: openssl
Priority: optional
Section: utils
Installed-Size: 901
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Architecture: amd64
Version: 1.0.1-4ubuntu5.12
Depends: libc6 (>= 2.15), libssl1.0.0 (>= 1.0.1)
Suggests: ca-certificates
Size: 523340
Description: Secure Socket Layer (SSL) binary and related cryptographic tools
 This package contains the openssl binary and related tools.
 .
 It is part of the OpenSSL implementation of SSL.
 .
 You need it to perform certain cryptographic actions like:
  -  Creation of RSA, DH and DSA key parameters;
  -  Creation of X.509 certificates, CSRs and CRLs;
  -  Calculation of message digests;
  -  Encryption and decryption with ciphers;
  -  SSL/TLS client and server tests;
  -  Handling of S/MIME signed or encrypted mail.
Original-Maintainer: Debian OpenSSL Team <pkg-openssl-devel@lists.alioth.debian.org>
root@server01:/# 

• apt-get remove packagename

will remove the binaries, but not the configuration or data files of the package packagename. It will also leave dependencies installed with it on installation time untouched.

• apt-get purge packagename or
• apt-get remove –purge packagename

will remove about everything regarding the package packagename, but not the dependencies installed with it on installation. Both commands are equivalent.

Particularly useful when you want to 'start all over' with an application because you messed up the configuration. However, it does not remove configuration or data files residing in users home directories, usually in hidden folders there. There is no easy way to get those removed as well.

• apt-get autoremove

removes orphaned packages, i.e. installed packages that used to be installed as an dependency, but aren't any longer. Use this after removing a package which had installed dependencies you're no longer interested in.

Example:-

root@server01:~# apt-get remove isc-dhcp-client isc-dhcp-common
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages will be REMOVED
 isc-dhcp-client isc-dhcp-common ubuntu-minimal
0 to upgrade, 0 to newly install, 3 to remove and 2 not to upgrade.
After this operation, 1,498 kB disk space will be freed.
Do you want to continue [Y/n]? y
(Reading database ... 55173 files and directories currently installed.)
Removing ubuntu-minimal ...
Removing isc-dhcp-client ...
Removing isc-dhcp-common ...
Processing triggers for man-db ...
root@server01:~#

root@server01:~# dpkg-query -L hp-health
/.
/var
/var/log
/var/log/hp-health
/var/spool
/var/spool/hp-health
/var/spool/compaq

Such as bash regarding shellshock vulnerability.

root@server01:~# apt-get install --only-upgrade bash
Reading package lists... Done
Building dependency tree       
Reading state information... Done

Preparing to replace bash 4.2-2ubuntu2.1 (using .../bash_4.2-2ubuntu2.3_amd64.deb) ...

This situation arose in AWS where there was a private subnet (10.100.250.0) which could not route out to the internet. The solution was to install a proxy running squid. APT needs configuring to use this proxy, it is a line in /etc/apt/apt.conf:-

root@server01:~# cat /etc/apt/apt.conf
Acquire::http::Proxy "http://10.10.10.11:8080";

It may be advantageous to set assuming your proxy is 10.10.10.11:-

export https_proxy=https://10.10.10.11:8080
export http_proxy=http://10.10.10.11:8080

In some cases you might need to “pin” the selected packages to avoid the upgrades from the distribution repositories. You’ll need to make a new file /etc/apt/preferences.d/00ServiceName.pref and add the following lines in it, for example:-

Package: *
Pin: release o=Percona Development Team
Pin-Priority: 1001

For more information about the pinning you can check the official debian wiki.

Error during an apt-get update is:-

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://apt.puppetlabs.com precise Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7F438280EF8D349F

Fix is to import the key:-

root@server01:~# apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 7F438280EF8D349F
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /tmp/tmp.LMTlTPOSLE --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d//puppetlabs-keyring.gpg --keyring /etc/apt/trusted.gpg.d//puppetlabs-nightly-keyring.gpg --keyserver keyserver.ubuntu.com --recv-keys 7F438280EF8D349F
gpg: requesting key EF8D349F from hkp server keyserver.ubuntu.com
gpg: key EF8D349F: public key "Puppet, Inc. Release Key (Puppet, Inc. Release Key) <release@puppet.com>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
root@server01:~#

To remove a package causing an unworkable dependency loop, use this, but beware it may break your system. -r removes a package, -P purges any left over config files too, they are mutually exclusive:-

[root@server ~]# dpkg -r --force-depends <package_name>

[root@server ~]# dpkg -P --force-depends <package_name>