Debian Cheatsheet

I began this page many years ago when I was switching from Redhat-based distros to Debian.

Package management

Updating and installing packages

apt install packagename
installs a new package.
apt remove packagename
removes a package, but may sometimes leave some config files
apt purge packagename
removes a package and is more likely to remove config files as well
apt update
Run this after changing /etc/apt/sources.list or /etc/apt/preferences, and periodically (daily or at least weekly) to pick up pointers to new package. Does not actually install any packages, just updates the list of package versions.
apt upgrade, apt safe-upgrade
Get all software updates available for this distro, but not if it involves installing new packages or removing existing ones.
apt dist-upgrade, apt full-upgrade
Get all software updates available for this distro, including installing new packages or removing old ones.
apt autoclean
Run this periodically to clean out .deb archives from packages which are no longer installed on the system. You can regain lots of disk space that way. If you're really desperate for disk space, apt-get clean is more radical, and will remove .deb files even for packages currently installed. But most of the time you probably don't need the .debs any more, so it might be worth it if you're strapped for megabytes.

Querying packages not yet installed

apt-cache search string
Searches for string in the list of known packages: like using rpmfind.
dpkg -l package-name-pattern
List packages matching pattern: rpm -q pattern or rpm -qa | grep pattern.
apt-file search filename
Search for a package (need not be installed) containing files including the string. apt-file is a package of its own, which you may have to apt-get install first, then run apt-file update. If apt-file search filename shows you too much, try apt-file search filename | grep -w filename (which shows you only the files that contain filename as a whole word) or variants like apt-file search filename | grep /bin/ only files located in directories like /bin or /usr/bin, useful if you're looking for a particular executable).
apt-cache showpkg pkgs...
Show information about packages.
apt-cache dumpavail
Prints out an available list.
apt-cache show pkgs...
Displays package records, even uninstalled ones, similar to dpkg --print-avail. Like rpm -q packagename.
apt-cache depends <package>
Show what <package> depends on.
apt-cache rdepends <package>
Show what other packages depend on <package>.
grep-excuses <package>
Show why package, in unstable, isn't in testing yet.
apt-cache pkgnames
Fast listing of every package in the system.

Querying currently installed packages

dpkg -S file
Which installed package owns the file? Like rpm -qf file.
dpkg -L package
List files in the package. Like rpm -ql package.
apt-cache policy pkg
Show which repository pkg came from, if you have multiple ones in sources.list.
apt-cache show <package> | grep ^Source
Find the source package which produces this binary package. If it returns nothing, then the source package name is the same as the binary package name.

Some other useful commands

apt-get autoremove
Clean out packages that were installed as a dependency of a package that's no longer installed.
apt-get clean
Remove .deb files from old packages that are no longer installed.
deborphan and apt-get remove `deborphan`
Find libraries no longer needed by any installed apps.
apt-get dselect-upgrade
Clean out even more orphan packages.
apt-mark hold packagename
apt-mark unhold packagename
Hold a package that would otherwise be removed. For instance, to keep an older kernel in place when newer ones break.

Investigating Upgrade Problems

When a specific package is preventing upgrades — perhaps it's suggesting that you apt --fix-broken install but you can't because a package that needs to be removed is broken and won't let you remove it — try this:

dpkg --purge --force-all broken-package-name
apt --fix-broken install

More generally: for installed packages, apt why packagename or apt why-not packagename can be helpful (aptitude also has these commands, and might show more detail). But when a full-upgrade looks like it will cause problems, like a long "The following packages will be REMOVED:" list, aptitude full-upgrade will give a lot more detail than apt, and give you possible resolutions.

But sometimes no resolution is possible besides removing a bunch of packages. When that happens, try looking at https://tracker.debian.org/pkg/packagename to see if there's anything under news or testing migrations. It can also be useful to look at release.debian.org/transitions/ and see whether any of the Ongoing transitions relate to the problem you're seeing.

The APT HOWTO has instructions on "pinning" and other details of maintaining a mixed debian system (e.g. stable but using some packages from unstable). It also shows how to pin a package so it will not be upgraded (for instance, if you've made local changes).

deborphan and debfoster are great for finding orphaned and unneeded packages which can be removed.

You can pull from a different repository by editing /etc/apt/sources.list to replace "stable" with "unstable" (or whatever) then doing apt-get update. That gets old, though, so here's a better way: pinning. Here's a sample unstable preferences file.

How to build a package

apt install build-essential fakeroot devscripts
apt build-dep packagename
apt source packagename
cd [dirname]
debuild -b -uc -us

Boot time services

update-rc.d svc defaults
Enable service at boot time. chkconfig svc on
update-rc.d svc stop 0 1 2 3 4 5 6
Disable scv at boot time. This puts "K" links in all relevant runlevels, so theoretically apt-get will know to keep the service disabled, and won't re-enable it. At least in theory. In practice there's something wrong with the command and I haven't figured out how to make it work. Adding "." at the end doesn't work either.
update-rc.d -f svc remove
Disable service at boot time. chkconfig svc off This is simpler than the preceeding line, but less permanent; services will come back on an apt-get install or dist-upgrade.
-f means force removal of the /etc/rc.? scripts while leaving the basic script in /etc/init.d (so you can run the service by hand if you choose). --purge means remove the script from init.d.

If you want to remove a service so that it never starts unless asked, and never comes back in a dist-upgrade ... I still don't know. Apparently the only way is to go to each directory named /etc/rc?.d in turn, and then rename Snnservicename to Knnservicename (which you can't easily do as a script or alias because of the nns being variable). It's unbelievable that debian has no easier way to do this. Oh, well.
update-rc.d svc start 20 2 3 4 5 . stop 20 0 1 6
Enable service at boot time in the given runlevels, like chkconfig svc --levels 2345 on
For listing active services, I wrote a shell script: lsconfig
What services are currently enabled? chkconfig --list

Quick tips:

apt history: what's been recently installed?

There's no real or supported way to see your recent apt history, unfortunately. But if you sort /var/cache/apt/archives by create date, e.g. ls -ltc /var/cache/apt/archives | more you can get a list of packages in reverse order of when they were downloaded. Also, sometimes you can get useful apt install information from /var/log/apt/term.log.

Neither one helps in finding out what you've removed recently, though.

mandb -c does what makewhatis used to do in other distros and other Unices -- builds the whatis/apropos databases. It's part of the man-db package.


Printing changes all the time and varies among distros and versions. When I learn something new and relevant about printing, I usually blog about it, so see my blog articles tagged 'printing'.

Speeding up USB init during boot

Debian seems to take a lot longer to get through USB during boot than Redhat on my Vaio. That turns out to be hotplug running usb.agent for the devices it finds (basically, I think, the hub and the empty memory stick reader). You can drastically speed up boot by editing /etc/hotplug/usb.rc and adding an ampersand (&) after the line that runs /etc/hotplug/usb.agent inside the loop in usb_boot_events().

Linux Links
Shallow Sky home