Difference between revisions of "Apt"

From wiki
(HTTPS)
(sudo)
Line 5: Line 5:
 
By default, Apt is able to use http sources but not https ones. This might cause problem with some external repositories.
 
By default, Apt is able to use http sources but not https ones. This might cause problem with some external repositories.
 
<syntaxhighlight lang="console">
 
<syntaxhighlight lang="console">
# apt install apt-transport-https
+
$ sudo apt install apt-transport-https
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Line 157: Line 157:
 
It will also warn you in case the system need to be restarted.
 
It will also warn you in case the system need to be restarted.
 
<syntaxhighlight lang="console">
 
<syntaxhighlight lang="console">
# apt install needrestart
+
$ sudo apt install needrestart
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Line 166: Line 166:
  
 
<syntaxhighlight lang="console">
 
<syntaxhighlight lang="console">
# apt install  reboot-notifier
+
$ sudo apt install  reboot-notifier
 
</syntaxhighlight>
 
</syntaxhighlight>
 
You can configure the destination email address in <code>/etc/default/reboot-notifier</code>.
 
You can configure the destination email address in <code>/etc/default/reboot-notifier</code>.
Line 172: Line 172:
 
=== apt-listchanges ===
 
=== apt-listchanges ===
 
Parse changelogs when you upgrade a package and display it. It will also send a copy by email so you can have a look latter in case you missed something.<syntaxhighlight lang="console">
 
Parse changelogs when you upgrade a package and display it. It will also send a copy by email so you can have a look latter in case you missed something.<syntaxhighlight lang="console">
# apt install apt-listchanges
+
$ sudo apt install apt-listchanges
 
</syntaxhighlight>
 
</syntaxhighlight>
  
Line 181: Line 181:
  
 
<syntaxhighlight lang="console">
 
<syntaxhighlight lang="console">
# apt install apticron
+
$ sudo apt install apticron
 
</syntaxhighlight>
 
</syntaxhighlight>
 
To configure apticron, edit <code>/etc/apticron/apticron.conf</code> and changes the following settings<syntaxhighlight lang="ini">
 
To configure apticron, edit <code>/etc/apticron/apticron.conf</code> and changes the following settings<syntaxhighlight lang="ini">

Revision as of 22:26, 20 December 2016

Configure

HTTPS

By default, Apt is able to use http sources but not https ones. This might cause problem with some external repositories. 

$ sudo apt install apt-transport-https

sources.list

Here is the /etc/apt/sources.list for a Debian Jessie distribution.

The file is referencing versions names instead of the stable and testing aliases. The reason is that we don't want a massive uncontrolled upgrade on the day of the release of the next stable. 

deb http://httpredir.debian.org/debian jessie main contrib non-free
deb-src http://httpredir.debian.org/debian jessie main contrib non-free

deb http://security.debian.org/ jessie/updates main contrib non-free
deb-src http://security.debian.org/ jessie/updates main contrib non-free

deb http://httpredir.debian.org/debian jessie-updates main contrib non-free
deb-src http://httpredir.debian.org/debian jessie-updates main contrib non-free

deb http://httpredir.debian.org/debian jessie-backports main contrib non-free
deb-src http://httpredir.debian.org/debian jessie-backports main contrib non-free

# testing
deb http://httpredir.debian.org/debian stretch main contrib non-free
deb-src http://httpredir.debian.org/debian stretch main contrib non-free

apt.conf

The file /etc/apt/apt.conf stores settings of apt. You can create the file if it doesn't exist. 

APT::Default-Release "jessie";

APT::Cache-Limit "100000000";

aptitude "";
aptitude::Keep-Unused-Pattern ""; 
aptitude::Delete-Unused-Pattern ""; 
aptitude::UI ""; 
aptitude::UI::Menubar-Autohide "true";
aptitude::UI::Minibuf-Download-Bar "false";
aptitude::UI::InfoAreaTabs "true";
aptitude::UI::Package-Header-Format "%N %n #%B %u %o";
aptitude::UI::Package-Status-Format "%d #%D %I";
aptitude::UI::Package-Display-Format "%c%a%M%S %p #%t %Z %r %D %v %V";

Pinning

Setup

Create file /etc/apt/preferences 

Explanation: This priority correspond to the default set by "APT::Default-Release"
Explanation: We make it explicit
Package: *
Pin: release o=Debian, n=jessie
Pin-Priority: 990

Explanation: Assign the same priority than stable release so these are picked if they are newer
Package: *
Pin: release o=Debian, n=jessie-updates
Pin-Priority: 990

Explanation: Lower than stable as we don't want them installed by default.
Explanation: Higher than testing, we prefer to install from backports than testing.
Package: *
Pin: release o=Debian Backports, n=jessie-backports
Pin-Priority: 900


Explanation: Lower than others
Explanation: Higher than 500 so it's still preferred over external sources
Package: *
Pin: release o=Debian, n=stretch
Pin-Priority: 700

Debugging

By default, it might be hard to understand why a particular version of a package is chosen for updates. Thankfully, apt-cache can help us with that. 

$ apt-cache policy | grep -Ev Translation-..$
Package files:
 100 /var/lib/dpkg/status
     release a=now
 700 http://httpredir.debian.org/debian/ stretch/non-free amd64 Packages
     release o=Debian,a=testing,n=stretch,l=Debian,c=non-free
     origin httpredir.debian.org
 700 http://httpredir.debian.org/debian/ stretch/contrib amd64 Packages
     release o=Debian,a=testing,n=stretch,l=Debian,c=contrib
     origin httpredir.debian.org
 700 http://httpredir.debian.org/debian/ stretch/main amd64 Packages
     release o=Debian,a=testing,n=stretch,l=Debian,c=main
     origin httpredir.debian.org
 900 http://httpredir.debian.org/debian/ jessie-backports/non-free amd64 Packages
     release o=Debian Backports,a=jessie-backports,n=jessie-backports,l=Debian Backports,c=non-free
     origin httpredir.debian.org
 900 http://httpredir.debian.org/debian/ jessie-backports/contrib amd64 Packages
     release o=Debian Backports,a=jessie-backports,n=jessie-backports,l=Debian Backports,c=contrib
     origin httpredir.debian.org
 900 http://httpredir.debian.org/debian/ jessie-backports/main amd64 Packages
     release o=Debian Backports,a=jessie-backports,n=jessie-backports,l=Debian Backports,c=main
     origin httpredir.debian.org
 990 http://httpredir.debian.org/debian/ jessie-updates/non-free amd64 Packages
     release o=Debian,a=stable-updates,n=jessie-updates,l=Debian,c=non-free
     origin httpredir.debian.org
 990 http://httpredir.debian.org/debian/ jessie-updates/contrib amd64 Packages
     release o=Debian,a=stable-updates,n=jessie-updates,l=Debian,c=contrib
     origin httpredir.debian.org
 990 http://httpredir.debian.org/debian/ jessie-updates/main amd64 Packages
     release o=Debian,a=stable-updates,n=jessie-updates,l=Debian,c=main
     origin httpredir.debian.org
 990 http://security.debian.org/ jessie/updates/non-free amd64 Packages
     release v=8,o=Debian,a=stable,n=jessie,l=Debian-Security,c=non-free
     origin security.debian.org
 990 http://security.debian.org/ jessie/updates/contrib amd64 Packages
     release v=8,o=Debian,a=stable,n=jessie,l=Debian-Security,c=contrib
     origin security.debian.org
 990 http://security.debian.org/ jessie/updates/main amd64 Packages
     release v=8,o=Debian,a=stable,n=jessie,l=Debian-Security,c=main
     origin security.debian.org
 990 http://httpredir.debian.org/debian/ jessie/non-free amd64 Packages
     release v=8.3,o=Debian,a=stable,n=jessie,l=Debian,c=non-free
     origin httpredir.debian.org
 990 http://httpredir.debian.org/debian/ jessie/contrib amd64 Packages
     release v=8.3,o=Debian,a=stable,n=jessie,l=Debian,c=contrib
     origin httpredir.debian.org
 990 http://httpredir.debian.org/debian/ jessie/main amd64 Packages
     release v=8.3,o=Debian,a=stable,n=jessie,l=Debian,c=main
     origin httpredir.debian.org
Pinned packages:

$ apt-cache policy linux-image-amd64
linux-image-amd64:
  Installed: 4.3+70~bpo8+1
  Candidate: 4.3+70~bpo8+1
  Version table:
     4.3+70 0
        700 http://httpredir.debian.org/debian/ stretch/main amd64 Packages
 *** 4.3+70~bpo8+1 0
        900 http://httpredir.debian.org/debian/ jessie-backports/main amd64 Packages
        100 /var/lib/dpkg/status
     3.16+63 0
        990 http://httpredir.debian.org/debian/ jessie/main amd64 Packages

Tools

needrestart

After a successful upgrade, needrestart will check if any daemon need to be restarted. If so, it will show a dialog where you can choose which ones should be restarted automatically.

It will also warn you in case the system need to be restarted. 

$ sudo apt install needrestart

reboot-notifier

Sends you a daily email in case your server need to be restarted

Important: Your server needs be able to send Emails before you install this. 

$ sudo apt install  reboot-notifier

You can configure the destination email address in /etc/default/reboot-notifier.

apt-listchanges

Parse changelogs when you upgrade a package and display it. It will also send a copy by email so you can have a look latter in case you missed something.

$ sudo apt install apt-listchanges

apticron

Apticron will check for updates and send you emails with changelogs

Important: Your server needs be able to send Emails before you install this. 

$ sudo apt install apticron

To configure apticron, edit /etc/apticron/apticron.conf and changes the following settings

EMAIL="youremail@example.org"
NOTIFY_HOLDS="0"
NOTIFY_NEW="0"
Retrieved from ‘https://wiki.meurisse.org/index.php?title=Apt&oldid=522