apt-get - APT package handling utility -- command-line interface
apt-get [-asqdyfmubV] [-o=config_string] [-c=config_file] [-t=target_release] [-a=architecture] {update | upgrade | dselect-upgrade | dist-upgrade | install pkg [{=pkg_version_number | /target_release}]... | remove pkg... | purge pkg... | source pkg [{=pkg_version_number | /target_release}]... | build-dep pkg [{=pkg_version_number | /target_release}]... | download pkg [{=pkg_version_number | /target_release}]... | check | clean | autoclean | autoremove | {-v | --version} | {-h | --help}}
apt-get is the command-line tool for handling packages, and may be considered the users "back-end" to other tools using the APT library. Several "front-end" interfaces exist, such as aptitude(8), synaptic(8) and wajig(1).
Unless the -h, or --help option is given, one of the commands below must be present.
update
update is used to resynchronize the package index files from their sources. The indexes of available packages are fetched from the location(s) specified in /etc/apt/sources.list. For example, when using a Debian archive, this command retrieves and scans the Packages.gz files, so that information about new and updated packages is available. An update should always be performed before an upgrade or dist-upgrade. Please be aware that the overall progress meter will be incorrect as the size of the package files cannot be known in advance.
upgrade
upgrade is used to install the newest versions of all packages currently installed on the system from the sources enumerated in /etc/apt/sources.list. Packages currently installed with new versions available are retrieved and upgraded; under no circumstances are currently installed packages removed, or packages not already installed retrieved and installed. New versions of currently installed packages that cannot be upgraded without changing the install status of another package will be left at their current version. An update must be performed first so that apt-get knows that new versions of packages are available.
dist-upgrade
dist-upgrade in addition to performing the function of upgrade, also intelligently handles changing dependencies with new versions of packages; apt-get has a "smart" conflict resolution system, and it will attempt to upgrade the most important packages at the expense of less important ones if necessary. The dist-upgrade command may therefore remove some packages. The /etc/apt/sources.list file contains a list of locations from which to retrieve desired package files. See also apt_preferences(5) for a mechanism for overriding the general settings for individual packages.
dselect-upgrade
dselect-upgrade is used in conjunction with the traditional Debian packaging front-end, dselect(1). dselect-upgrade follows the changes made by dselect(1) to the Status field of available packages, and performs the actions necessary to realize that state (for instance, the removal of old and the installation of new packages).
install
install is followed by one or more packages desired for installation or upgrading. Each package is a package name, not a fully qualified filename (for instance, in a Debian system, apt-utils would be the argument provided, not apt-utils_2.4.8_amd64.deb). All packages required by the package(s) specified for installation will also be retrieved and installed. The /etc/apt/sources.list file is used to locate the desired packages. If a hyphen is appended to the package name (with no intervening space), the identified package will be removed if it is installed. Similarly a plus sign can be used to designate a package to install. These latter features may be used to override decisions made by apt-gets conflict resolution system.
A specific version of a package can be selected for installation by following the package name with an equals and the version of the package to select. This will cause that version to be located and selected for install. Alternatively a specific distribution can be selected by following the package name with a slash and the version of the distribution or the Archive name (stable, testing, unstable).
Both of the version selection mechanisms can downgrade packages and must be used with care.
This is also the target to use if you want to upgrade one or more already-installed packages without upgrading every package you have on your system. Unlike the "upgrade" target, which installs the newest version of all currently installed packages, "install" will install the newest version of only the package(s) specified. Simply provide the name of the package(s) you wish to upgrade, and if a newer version is available, it (and its dependencies, as described above) will be downloaded and installed.
Finally, the apt_preferences(5) mechanism allows you to create an alternative installation policy for individual packages.
If no package matches the given expression and the expression contains one of ., ? or * then it is assumed to be a POSIX regular expression, and it is applied to all package names in the database. Any matches are then installed (or removed). Note that matching is done by substring so lo.* matches how-lo and lowest. If this is undesired, anchor the regular expression with a ^ or $ character, or create a more specific regular expression.
Fallback to regular expressions is deprecated in APT 2.0, has been removed in apt(8), except for anchored expressions, and will be removed from apt-get(8) in a future version. Use apt-patterns(5) instead.
reinstall
reinstall is an alias for install --reinstall.
remove
remove is identical to install except that packages are removed instead of installed. Note that removing a package leaves its configuration files on the system. If a plus sign is appended to the package name (with no intervening space), the identified package will be installed instead of removed.
purge
purge is identical to remove except that packages are removed and purged (any configuration files are deleted too).
source
source causes apt-get to fetch source packages. APT will examine the available packages to decide which source package to fetch. It will then find and download into the current directory the newest available version of that source package while respecting the default release, set with the option APT::Default-Release, the -t option or per package with the pkg/release syntax, if possible.
The arguments are interpreted as binary and source package names. See the --only-source option if you want to change that.
Source packages are tracked separately from binary packages via deb-src lines in the sources.list(5) file. This means that you will need to add such a line for each repository you want to get sources from; otherwise you will probably get either the wrong (too old/too new) source versions or none at all.
If the --compile option is specified then the package will be compiled to a binary .deb using dpkg-buildpackage for the architecture as defined by the --host-architecture option. If --download-only is specified then the source package will not be unpacked.
A specific source version can be retrieved by postfixing the source name with an equals and then the version to fetch, similar to the mechanism used for the package files. This enables exact matching of the source package name and version, implicitly enabling the APT::Get::Only-Source option.
Note that source packages are not installed and tracked in the dpkg database like binary packages; they are simply downloaded to the current directory, like source tarballs.
build-dep
build-dep causes apt-get to install/remove packages in an attempt to satisfy the build dependencies for a source package. By default the dependencies are satisfied to build the package natively. If desired a host-architecture can be specified with the --host-architecture option instead.
The arguments are interpreted as binary or source package names. See the --only-source option if you want to change that.
satisfy
satisfy causes apt-get to satisfy the given dependency strings. The dependency strings may have build profiles and architecture restriction list as in build dependencies. They may optionally be prefixed with "Conflicts: " to unsatisfy the dependency string. Multiple strings of the same type can be specified.
Example: apt-get satisfy "foo" "Conflicts: bar" "baz (>> 1.0) | bar (= 2.0), moo"
The legacy operator </> is not supported, use <=/>= instead.
check
check is a diagnostic tool; it updates the package cache and checks for broken dependencies.
download
download will download the given binary package into the current directory.
clean
clean clears out the local repository of retrieved package files. It removes everything but the lock file from /var/cache/apt/archives/ and /var/cache/apt/archives/partial/.
autoclean (and the auto-clean alias since 1.1)
Like clean, autoclean clears out the local repository of retrieved package files. The difference is that it only removes package files that can no longer be downloaded, and are largely useless. This allows a cache to be maintained over a long period without it growing out of control. The configuration option APT::Clean-Installed will prevent installed packages from being erased if it is set to off.
autoremove (and the auto-remove alias since 1.1)
autoremove is used to remove packages that were automatically installed to satisfy dependencies for other packages and are now no longer needed.
changelog
changelog tries to download the changelog of a package and displays it through sensible-pager. By default it displays the changelog for the version that is installed. However, you can specify the same options as for the install command.
indextargets
Displays by default a deb822 formatted listing of information about all data files (aka index targets) apt-get update would download. Supports a --format option to modify the output format as well as accepts lines of the default output to filter the records by. The command is mainly used as an interface for external tools working with APT to get information as well as filenames for downloaded files so they can use them as well instead of downloading them again on their own. Detailed documentation is omitted here and can instead be found in the file /usr/share/doc/apt/acquire-additional-files.md.gz shipped by the apt-doc package.
All command line options may be set using the configuration file, the descriptions indicate the configuration option to set. For boolean options you can override the config file by using something like -f-,--no-f, -f=no or several other variations.
--no-install-recommends
Do not consider recommended packages as a dependency for installing. Configuration Item: APT::Install-Recommends.
--install-suggests
Consider suggested packages as a dependency for installing. Configuration Item: APT::Install-Suggests.
-d, --download-only
Download only; package files are only retrieved, not unpacked or installed. Configuration Item: APT::Get::Download-Only.
-f, --fix-broken
Fix; attempt to correct a system with broken dependencies in place. This option, when used with install/remove, can omit any packages to permit APT to deduce a likely solution. If packages are specified, these have to completely correct the problem. The option is sometimes necessary when running APT for the first time; APT itself does not allow broken package dependencies to exist on a system. It is possible that a systems dependency structure can be so corrupt as to require manual intervention (which usually means using dpkg --remove to eliminate some of the offending packages). Use of this option together with -m may produce an error in some situations. Configuration Item: APT::Get::Fix-Broken.
-m, --ignore-missing, --fix-missing
Ignore missing packages; if packages cannot be retrieved or fail the integrity check after retrieval (corrupted package files), hold back those packages and handle the result. Use of this option together with -f may produce an error in some situations. If a package is selected for installation (particularly if it is mentioned on the command line) and it could not be downloaded then it will be silently held back. Configuration Item: APT::Get::Fix-Missing.
--no-download
Disables downloading of packages. This is best used with --ignore-missing to force APT to use only the .debs it has already downloaded. Configuration Item: APT::Get::Download.
-q, --quiet
Quiet; produces output suitable for logging, omitting progress indicators. More qs will produce more quiet up to a maximum of 2. You can also use -q=# to set the quiet level, overriding the configuration file. Note that quiet level 2 implies -y; you should never use -qq without a no-action modifier such as -d, --print-uris or -s as APT may decide to do something you did not expect. Configuration Item: quiet.
-s, --simulate, --just-print, --dry-run, --recon, --no-act
No action; perform a simulation of events that would occur based on the current system state but do not actually change the system. Locking will be disabled (Debug::NoLocking) so the system state could change while apt-get is running. Simulations can also be executed by non-root users which might not have read access to all apt configuration distorting the simulation. A notice expressing this warning is also shown by default for non-root users (APT::Get::Show-User-Simulation-Note). Configuration Item: APT::Get::Simulate.
Simulated runs print out a series of lines, each representing a dpkg operation: configure (Conf), remove (Remv) or unpack (Inst). Square brackets indicate broken packages, and empty square brackets indicate breaks that are of no consequence (rare).
-y, --yes, --assume-yes
Automatic yes to prompts; assume "yes" as answer to all prompts and run non-interactively. If an undesirable situation, such as changing a held package, trying to install an unauthenticated package or removing an essential package occurs then apt-get will abort. Configuration Item: APT::Get::Assume-Yes.
--assume-no
Automatic "no" to all prompts. Configuration Item: APT::Get::Assume-No.
--no-show-upgraded
Do not show a list of all packages that are to be upgraded. Configuration Item: APT::Get::Show-Upgraded.
-V, --verbose-versions
Show full versions for upgraded and installed packages. Configuration Item: APT::Get::Show-Versions.
-a, --host-architecture
This option controls the architecture packages are built for by apt-get source --compile and how cross-builddependencies are satisfied. By default is it not set which means that the host architecture is the same as the build architecture (which is defined by APT::Architecture). Configuration Item: APT::Get::Host-Architecture.
-P, --build-profiles
This option controls the activated build profiles for which a source package is built by apt-get source --compile and how build dependencies are satisfied. By default no build profile is active. More than one build profile can be activated at a time by concatenating them with a comma. Configuration Item: APT::Build-Profiles.
-b, --compile, --build
Compile source packages after downloading them. Configuration Item: APT::Get::Compile.
--ignore-hold
Ignore package holds; this causes apt-get to ignore a hold placed on a package. This may be useful in conjunction with dist-upgrade to override a large number of undesired holds. Configuration Item: APT::Ignore-Hold.
--with-new-pkgs
Allow installing new packages when used in conjunction with upgrade. This is useful if the update of an installed package requires new dependencies to be installed. Instead of holding the package back upgrade will upgrade the package and install the new dependencies. Note that upgrade with this option will never remove packages, only allow adding new ones. Configuration Item: APT::Get::Upgrade-Allow-New.
--no-upgrade
Do not upgrade packages; when used in conjunction with install, no-upgrade will prevent packages on the command line from being upgraded if they are already installed. Configuration Item: APT::Get::Upgrade.
--only-upgrade
Do not install new packages; when used in conjunction with install, only-upgrade will install upgrades for already installed packages only and ignore requests to install new packages. Configuration Item: APT::Get::Only-Upgrade.
--allow-downgrades
This is a dangerous option that will cause apt to continue without prompting if it is doing downgrades. It should not be used except in very special situations. Using it can potentially destroy your system! Configuration Item: APT::Get::allow-downgrades. Introduced in APT 1.1.
--allow-remove-essential
Force yes; this is a dangerous option that will cause apt to continue without prompting if it is removing essentials. It should not be used except in very special situations. Using it can potentially destroy your system! Configuration Item: APT::Get::allow-remove-essential. Introduced in APT 1.1.
--allow-change-held-packages
Force yes; this is a dangerous option that will cause apt to continue without prompting if it is changing held packages. It should not be used except in very special situations. Using it can potentially destroy your system! Configuration Item: APT::Get::allow-change-held-packages. Introduced in APT 1.1.
--force-yes
Force yes; this is a dangerous option that will cause apt to continue without prompting if it is doing something potentially harmful. It should not be used except in very special situations. Using force-yes can potentially destroy your system! Configuration Item: APT::Get::force-yes. This is deprecated and replaced by --allow-unauthenticated , --allow-downgrades , --allow-remove-essential , --allow-change-held-packages in 1.1.
--print-uris
Instead of fetching the files to install their URIs are printed. Each URI will have the path, the destination file name, the size and the expected MD5 hash. Note that the file name to write to will not always match the file name on the remote site! This also works with the source and update commands. When used with the update command the MD5 and size are not included, and it is up to the user to decompress any compressed files. Configuration Item: APT::Get::Print-URIs.
--purge
Use purge instead of remove for anything that would be removed. An asterisk ("*") will be displayed next to packages which are scheduled to be purged. remove --purge is equivalent to the purge command. Configuration Item: APT::Get::Purge.
--reinstall
Re-install packages that are already installed and at the newest version. Configuration Item: APT::Get::ReInstall.
--list-cleanup
This option is on by default; use --no-list-cleanup to turn it off. When it is on, apt-get will automatically manage the contents of /var/lib/apt/lists to ensure that obsolete files are erased. The only reason to turn it off is if you frequently change your sources list. Configuration Item: APT::Get::List-Cleanup.
-t, --target-release, --default-release
This option controls the default input to the policy engine; it creates a default pin at priority 990 using the specified release string. This overrides the general settings in /etc/apt/preferences. Specifically pinned packages are not affected by the value of this option. In short, this option lets you have simple control over which distribution packages will be retrieved from. Some common examples might be -t 2.1*, -t unstable or -t sid. Configuration Item: APT::Default-Release; see also the apt_preferences(5) manual page.
--trivial-only
Only perform operations that are trivial. Logically this can be considered related to --assume-yes; where --assume-yes will answer yes to any prompt, --trivial-only will answer no. Configuration Item: APT::Get::Trivial-Only.
--mark-auto
After successful installation, mark all freshly installed packages as automatically installed, which will cause each of the packages to be removed when no more manually installed packages depend on this package. This is equally to running apt-mark auto for all installed packages. Configuration Item: APT::Get::Mark-Auto.
--no-remove
If any packages are to be removed apt-get immediately aborts without prompting. Configuration Item: APT::Get::Remove.
--auto-remove, --autoremove
If the command is either install or remove, then this option acts like running the autoremove command, removing unused dependency packages. Configuration Item: APT::Get::AutomaticRemove.
--only-source
Only has meaning for the source and build-dep commands. Indicates that the given source names are not to be mapped through the binary table. This means that if this option is specified, these commands will only accept source package names as arguments, rather than accepting binary package names and looking up the corresponding source package. Configuration Item: APT::Get::Only-Source.
--diff-only, --dsc-only, --tar-only
Download only the diff, dsc, or tar file of a source archive. Configuration Item: APT::Get::Diff-Only, APT::Get::Dsc-Only, and APT::Get::Tar-Only.
--arch-only
Only process architecture-dependent build-dependencies. Configuration Item: APT::Get::Arch-Only.
--indep-only
Only process architecture-independent build-dependencies. Configuration Item: APT::Get::Indep-Only.
--allow-unauthenticated
Ignore if packages cant be authenticated and dont prompt about it. This can be useful while working with local repositories, but is a huge security risk if data authenticity isnt ensured in another way by the user itself. The usage of the Trusted option for sources.list(5) entries should usually be preferred over this global override. Configuration Item: APT::Get::AllowUnauthenticated.
--no-allow-insecure-repositories
Forbid the update command to acquire unverifiable data from configured sources. APT will fail at the update command for repositories without valid cryptographically signatures. See also apt-secure(8) for details on the concept and the implications. Configuration Item: Acquire::AllowInsecureRepositories.
--allow-releaseinfo-change
Allow the update command to continue downloading data from a repository which changed its information of the release contained in the repository indicating e.g a new major release. APT will fail at the update command for such repositories until the change is confirmed to ensure the user is prepared for the change. See also apt-secure(8) for details on the concept and configuration.
Specialist options (--allow-releaseinfo-change-field) exist to allow changes only for certain fields like origin, label, codename, suite, version and defaultpin. See also apt_preferences(5). Configuration Item: Acquire::AllowReleaseInfoChange.
--show-progress
Show user friendly progress information in the terminal window when packages are installed, upgraded or removed. For a machine parsable version of this data see README.progress-reporting in the apt doc directory. Configuration Items: Dpkg::Progress and Dpkg::Progress-Fancy.
--with-source filename
Adds the given file as a source for metadata. Can be repeated to add multiple files. See --with-source description in apt-cache(8) for further details.
-eany, --error-on=any
Fail the update command if any error occured, even a transient one.
-h, --help
Show a short usage summary.
-v, --version
Show the program version.
-c, --config-file
Configuration File; Specify a configuration file to use. The program will read the default configuration file and then this configuration file. If configuration settings need to be set before the default configuration files are parsed specify a file with the APT_CONFIG environment variable. See apt.conf(5) for syntax information.
-o, --option
Set a Configuration Option; This will set an arbitrary configuration option. The syntax is -o Foo::Bar=bar. -o and --option can be used multiple times to set different options.
/etc/apt/sources.list
Locations to fetch packages from. Configuration Item: Dir::Etc::SourceList.
/etc/apt/sources.list.d/
File fragments for locations to fetch packages from. Configuration Item: Dir::Etc::SourceParts.
/etc/apt/apt.conf
APT configuration file. Configuration Item: Dir::Etc::Main.
/etc/apt/apt.conf.d/
APT configuration file fragments. Configuration Item: Dir::Etc::Parts.
/etc/apt/preferences
Version preferences file. This is where you would specify "pinning", i.e. a preference to get certain packages from a separate source or from a different version of a distribution. Configuration Item: Dir::Etc::Preferences.
/etc/apt/preferences.d/
File fragments for the version preferences. Configuration Item: Dir::Etc::PreferencesParts.
/var/cache/apt/archives/
Storage area for retrieved package files. Configuration Item: Dir::Cache::Archives.
/var/cache/apt/archives/partial/
Storage area for package files in transit. Configuration Item: Dir::Cache::Archives (partial will be implicitly appended)
/var/lib/apt/lists/
Storage area for state information for each package resource specified in sources.list(5) Configuration Item: Dir::State::Lists.
/var/lib/apt/lists/partial/
Storage area for state information in transit. Configuration Item: Dir::State::Lists (partial will be implicitly appended)
apt-cache(8), apt-cdrom(8), dpkg(1), sources.list(5), apt.conf(5), apt-config(8), apt-secure(8), The APT Users guide in /usr/share/doc/apt-doc/, apt_preferences(5), the APT Howto.
apt-get returns zero on normal operation, decimal 100 on error.
APT bug page[1]. If you wish to report a bug in APT, please see /usr/share/doc/debian/bug-reporting.txt or the reportbug(1) command.
Jason Gunthorpe
APT team
APT bug page