Linux Patch Management: Keeping Linux Systems Up To Date
5.4. The APT Commands in Detail
The apt commands are important. You can do more from the command line interface. If you want to take full advantage of the apt system, you'll learn how to use the basic apt commands. While we do not cover all available apt commands in this book, two are critical to anyone interested in patch management for RPM- and DEB-based distributions: apt-cache and apt-get. There are certainly more apt commands of interest, some of which were covered in Chapter 4. Some are largely limited to Debian-style distributions. 5.4.1. Analyzing apt-cache in Detail
It's worth some trouble to examine what you can do with the apt-cache command. You can review most available options with the apt-cache -h | less command. This list is not complete; you learned about the showgroup and groupnames options earlier in this chapter, as well as search in Chapter 4. Several options are rarely used because other commands may be more useful. For example, while the apt-cache add package command adds a package to the cache, it's best to keep your entire database up to date with the apt-get update command. Therefore, several apt-cache options are not covered in this book. apt-cache showpkg
When you run the apt-cache showpkg packagename command, apt-cache searches through available package databases, as download from servers and locations specified in /etc/apt/sources.list. One sample with the synaptic package is shown in Figure 5-9. Figure 5-9. Listing versions and dependencies with apt-cache
Data associated with synaptic is divided into the following five categories: apt-cache showsrc
When you run apt-cache showsrc packagename command, apt-cache searches through available source package databases, as downloaded from source repositories specified in /etc/apt/sources.list; the source repositories in that file should be associated with the deb-src or rpm-src commands. Among other things, the output includes the name of the source files required to build the binary packages and the Build-Depends, which include those packages and libraries required to build the specific package. apt-cache show
If you want more information on available packages, the show option is for you. When you run the apt-cache show packagename command, the package does not have to be installed. All you need to do is specify the name of the package and apt-cache searches through the downloaded cache of available packages for dependencies, conflicts, and basic package information. Try it with the package of your choice. apt-cache depends / rdepends
If you want more information on dependencies, the depends option is for you. When you run the apt-cache depends packagename command, the package does not have to be installed. All you need to do is specify the name of the package and apt-cache searches through the downloaded cache of available packages for dependencies. Try it with the package of your choice. The rdepends option is relatively straightforwardit provides a list of reverse dependencies, those packages that depend on the package which you've specified. apt-cache pkgnames
The apt-cache pkgnames command by itself is not useful. It scrolls a very long list of every package available from your repositories. But as a database, it can be powerful. For example, if you want a list of every package with gimp in its name, you'd run the following command: apt-cache pkgnames | grep gimp
5.4.2. Analyzing apt-get in Detail
It's worth some trouble to examine what you can do with the apt-get command. You can review most available options with the apt-get -h | less command. This list is not complete; you learned about the mirror-select, showgroup, and groupinstall options earlier in this chapter, as well as update, install, remove, dselect-upgrade, clean, and autoclean options in Chapter 4. Several options that are rarely used are not covered in this book. Default apt-get options are available either in /etc/apt/apt.conf or the /etc/apt/apt.conf.d directory. Naturally, you can override any defaults in these files with the correct switches. apt-get switches
Before we discuss options, there are a number of switches available for apt-get, as shown in Table 5-3. You can use it with the options associated with apt-get, as described in this section and elsewhere in this book.
apt-get upgrade
I don't generally recommend the use of the apt-get upgrade command, because it leads to upgrades to newer versions of most currently installed packages. However, this option does not remove any installed packages; any upgrades which require removals aren't run. apt-get dist-upgrade
If you're prepared to upgrade your system, the apt-get dist-upgrade command may be for you. It provides the "smart upgrade" option described in Chapter 4 available through the Synaptic Package Manager. Detailed options involve the use of the apt-preferences command available only for Debian-type distributions. Because upgrades often involve hundreds of packages, some conflicts may be inevitable. With the smart upgrade features, upgrades of more important packages take priority. In some cases, the -f switch can help by repairing broken dependencies. Other switches described in Table 5-3 may also help. apt-get check
If you're having problems with dependencies, run the apt-get check command. It updates the current cache of packages and lists any unmet dependencies. 5.4.3. Debian-Only apt Commands
There are several apt-related commands generally available only for Debian-type distributions. While Conectiva has ported most of these commands to its RPM-based distribution, they are generally not available for other RPM-based distributions. They include several commands described in Chapter 4, including 5.4.4. RPM-Only apt Commands
There are three apt scripts available only for RPM-based distributions. As of this writing, they have not been ported to Debian-based distributions. Depending on the distribution, they may be available as part of the apt or the apt-server RPM packages. These scripts are as follows: |