Apt: Difference between revisions
From DWIKI
Tag: wikieditor |
Tag: wikieditor |
||
| Line 17: | Line 17: | ||
==Enabling/disabling unattended upgrades== | ==Enabling/disabling unattended upgrades== | ||
dpkg-reconfigure unattended-upgrades | dpkg-reconfigure unattended-upgrades | ||
The dialog will show which option is selected now. | |||
==The relevant systemd service== | ==The relevant systemd service== | ||
Revision as of 11:26, 18 November 2025
Debian/Ubuntu package manager
Documentation
Phased Packages
Unattended upgrades
Links
- https://help.ubuntu.com/community/AutomaticSecurityUpdates
- Using Unattended-Upgrades on Debian and Ubuntu
- https://wiki.debian.org/UnattendedUpgrades
- https://linuxblog.io/how-to-enable-unattended-upgrades-on-ubuntu-debian/
- the apt manpage you were looking for
Enabling/disabling unattended upgrades
dpkg-reconfigure unattended-upgrades
The dialog will show which option is selected now.
The relevant systemd service
apt-daily-upgrade.service
Disable unattended upgrades
In /etc/apt/apt.conf.d/20auto-upgrades
APT::Periodic::Unattended-Upgrade "0";
The logs
/var/log/unattended-upgrades/*.log
FAQ
Unattended-Upgrade::DevRelease "auto";
Only works on "dev releases", which is any not .04
What is this Allowed-Origins about?
Check output of
apt -s upgrade
you might see something like
Conf cloud-init (25.1.2-0ubuntu0~22.04.2 Ubuntu:22.04/jammy-updates
which will match
${distro_id}:${distro_codename}-updates
HOWTO
Extract files from .deb
dpkg-deb
or just
dpkg -e foo.deb
note: this extracts to .
Pin a version
List installed packages
apt list --installed
Upgrade just one package
apt-get install --only-upgrade <packagename>
exclude package from upgrade
apt-mark hold somepackage
and to undo
apt-mark unhold somepackage
FAQ
What version of a package is going to be installed?
apt-cache policy <package>
What package does a file belong to?
dpkg -S /path/to/file
Error messages
E: Could not get lock /var/lib/apt/lists/lock. It is held by process 1538337 (apt-get)
Try
systemctl restart packagekit
and check
fuser /var/lib/apt/lists/lock
again
The repository 'http://security.debian.org buster/updates Release' no longer has a Release file
time to upgrade entire system
Unable to correct problems, you have held broken packages.
Try
dpkg --get-selections | grep hold
What packages depend on package
apt-cache rdepends --installed libc6-dev
Clear cache
apt-get clean
Could not handshake: The TLS connection was non-properly terminated.
try http instead of https
Depends: but it is not going to be installed
First try
apt-get update && apt-get upgrade
E: Unable to correct problems, you have held broken packages.
Which services should be restarted?
That's from needrestart
Prevent restarting all services when installing a package
NEEDRESTART_MODE=i apt install somepackage
What repository provides package
apt policy <packagename>
Error messages
Key is stored in legacy trusted.gpg keyring
Check apt-key is deprecated
Certificate verification failed: The certificate is NOT trusted.
try
deb [trusted=yes] ...
in sources.list, but things might be worse than that, in case of launchpad change to
https://ppa.launchpadcontent.net/
apt-key is deprecated. Manage keyring files in trusted.gpg.d instead
The following upgrades have been deferred due to phasing
apt install <whatever package it lists>
needrestart
Show which services need restarting
needrestart -rl
Service restarts being deferred
Probably services like networkd-dispatcher.service. Check /etc/needrestart/needrestart.conf for $nrconf{override_rc}
