update is used to resynchronize the package index files from their sources. The indexes of available packages are fetched from the location(s) specified in /etc/apt/sources.list. For example, when using a Debian archive, this command retrieves and scans the Packages.gz files, so that information about new and updated packages is available. An update should always be performed before an upgrade or dist-upgrade. Please be aware that the overall progress meter will be incorrect as the size of the package files cannot be known in advance.

upgrade is used to install the newest versions of all packages currently installed on the system from the sources enumerated in /etc/apt/sources.list. Packages currently installed with new versions available are retrieved and upgraded; under no circumstances are currently installed packages removed, or packages not already installed retrieved and installed. New versions of currently installed packages that cannot be upgraded without changing the install status of another package will be left at their current version. An update must be performed first so that apt-get knows that new versions of packages are available.

When a package is supplied as an argument, the package will be installed prior to the upgrade action.

dist-upgrade in addition to performing the function of upgrade, also intelligently handles changing dependencies with new versions of packages; apt-get has a "smart" conflict resolution system, and it will attempt to upgrade the most important packages at the expense of less important ones if necessary. The dist-upgrade command may therefore remove some packages. The /etc/apt/sources.list file contains a list of locations from which to retrieve desired package files. See also apt_preferences(5) for a mechanism for overriding the general settings for individual packages.

When a package is supplied as an argument, the package will be installed prior to the upgrade action.

dselect-upgrade is used in conjunction with the traditional Debian packaging front-end, dselect(1). dselect-upgrade follows the changes made by dselect(1) to the Status field of available packages, and performs the actions necessary to realize that state (for instance, the removal of old and the installation of new packages).

install is followed by one or more packages desired for installation or upgrading. Each package is a package name, not a fully qualified filename (for instance, in a Debian system, apt-utils would be the argument provided, not apt-utils_3.0.3_amd64.deb). All packages required by the package(s) specified for installation will also be retrieved and installed. The /etc/apt/sources.list file is used to locate the desired packages. If a hyphen is appended to the package name (with no intervening space), the identified package will be removed if it is installed. Similarly a plus sign can be used to designate a package to install. These latter features may be used to override decisions made by apt-get's conflict resolution system.

A specific version of a package can be selected for installation by following the package name with an equals and the version of the package to select. This will cause that version to be located and selected for install. Alternatively a specific distribution can be selected by following the package name with a slash and the version of the distribution or the Archive name (stable, testing, unstable).

Both of the version selection mechanisms can downgrade packages and must be used with care.

This is also the target to use if you want to upgrade one or more already-installed packages without upgrading every package you have on your system. Unlike the "upgrade" target, which installs the newest version of all currently installed packages, "install" will install the newest version of only the package(s) specified. Simply provide the name of the package(s) you wish to upgrade, and if a newer version is available, it (and its dependencies, as described above) will be downloaded and installed.

Finally, the apt_preferences(5) mechanism allows you to create an alternative installation policy for individual packages.

If no package matches the given expression and the expression contains one of '.', '?' or '*' then it is assumed to be a POSIX regular expression, and it is applied to all package names in the database. Any matches are then installed (or removed). Note that matching is done by substring so 'lo.*' matches 'how-lo' and 'lowest'. If this is undesired, anchor the regular expression with a '^' or '$' character, or create a more specific regular expression.

Fallback to regular expressions is deprecated in APT 2.0, has been removed in apt(8), except for anchored expressions, and will be removed from apt-get(8) in a future version. Use apt-patterns(7) instead.

reinstall is an alias for install --reinstall.

remove is identical to install except that packages are removed instead of installed. Note that removing a package leaves its configuration files on the system. If a plus sign is appended to the package name (with no intervening space), the identified package will be installed instead of removed.

purge is identical to remove except that packages are removed and purged (any configuration files are deleted too).

source causes apt-get to fetch source packages. APT will examine the available packages to decide which source package to fetch. It will then find and download into the current directory the newest available version of that source package while respecting the default release, set with the option APT::Default-Release, the -t option or per package with the pkg/release syntax, if possible.

The arguments are interpreted as binary and source package names. See the --only-source option if you want to change that.

Source packages are tracked separately from binary packages via deb-src lines in the sources.list(5) file. This means that you will need to add such a line for each repository you want to get sources from; otherwise you will probably get either the wrong (too old/too new) source versions or none at all.

If the --compile option is specified then the package will be compiled to a binary .deb using dpkg-buildpackage for the architecture as defined by the --host-architecture option. If --download-only is specified then the source package will not be unpacked.

A specific source version can be retrieved by postfixing the source name with an equals and then the version to fetch, similar to the mechanism used for the package files. This enables exact matching of the source package name and version, implicitly enabling the APT::Get::Only-Source option.

Note that source packages are not installed and tracked in the dpkg database like binary packages; they are simply downloaded to the current directory, like source tarballs.

build-dep causes apt-get to install/remove packages in an attempt to satisfy the build dependencies for a source package. By default the dependencies are satisfied to build the package natively. If desired a host-architecture can be specified with the --host-architecture option instead.

The arguments are interpreted as binary or source package names. See the --only-source option if you want to change that.

satisfy causes apt-get to satisfy the given dependency strings. The dependency strings may have build profiles and architecture restriction list as in build dependencies. They may optionally be prefixed with "Conflicts: " to unsatisfy the dependency string. Multiple strings of the same type can be specified.

Example: apt-get satisfy "foo" "Conflicts: bar" "baz (>> 1.0) | bar (= 2.0), moo"

The legacy operator '</>' is not supported, use '<=/>=' instead.

check is a diagnostic tool; it updates the package cache and checks for broken dependencies.

download will download the given binary package into the current directory. The authenticity of the package data is ensured as usual.

clean clears out the local repository of retrieved package files. It removes everything but the lock file from /var/cache/apt/archives/ and /var/cache/apt/archives/partial/.

Like clean, autoclean clears out the local repository of retrieved package files. The difference is that it only removes package files that can no longer be downloaded, and are largely useless. This allows a cache to be maintained over a long period without it growing out of control. The configuration option APT::Clean-Installed will prevent installed packages from being erased if it is set to off.

distclean removes all files under /var/lib/apt/lists except Release, Release.gpg, and InRelease. It can be used for example, when finalizing images distributed to users. The release files are kept for security reasons, to prevent various types of attacks.

autoremove is used to remove packages that were automatically installed to satisfy dependencies for other packages and are now no longer needed.

Like autoremove, but autopurge also removes configuration files. This is a shortcut for autoremove --purge.

changelog tries to download the changelog of a package and displays it through sensible-pager. By default it displays the changelog for the version that is installed. However, you can specify the same options as for the install command.

Displays by default a deb822 formatted listing of information about all data files (aka index targets) apt-get update would download. Supports a --format option to modify the output format as well as accepts lines of the default output to filter the records by. The command is mainly used as an interface for external tools working with APT to get information as well as filenames for downloaded files so they can use them as well instead of downloading them again on their own. Detailed documentation is omitted here and can instead be found in the file /usr/share/doc/apt/acquire-additional-files.md.gz shipped by the apt-doc package.

Do not consider recommended packages as a dependency for installing. Configuration Item: APT::Install-Recommends.

Consider suggested packages as a dependency for installing. Configuration Item: APT::Install-Suggests.

Download only; package files are only retrieved, not unpacked or installed. Configuration Item: APT::Get::Download-Only.

Fix; attempt to correct a system with broken dependencies in place. This option, when used with install/remove, can omit any packages to permit APT to deduce a likely solution. If packages are specified, these have to completely correct the problem. The option is sometimes necessary when running APT for the first time; APT itself does not allow broken package dependencies to exist on a system. It is possible that a system's dependency structure can be so corrupt as to require manual intervention (which usually means using dpkg --remove to eliminate some of the offending packages). Use of this option together with -m may produce an error in some situations. Configuration Item: APT::Get::Fix-Broken.

Ignore missing packages; if packages cannot be retrieved or fail the integrity check after retrieval (corrupted package files), hold back those packages and handle the result. Use of this option together with -f may produce an error in some situations. If a package is selected for installation (particularly if it is mentioned on the command line) and it could not be downloaded then it will be silently held back. Configuration Item: APT::Get::Fix-Missing.

Disables downloading of packages. This is best used with --ignore-missing to force APT to use only the .debs it has already downloaded. Configuration Item: APT::Get::Download.

Quiet; produces output suitable for logging, omitting progress indicators. More q's will produce more quiet up to a maximum of 2. You can also use -q=# to set the quiet level, overriding the configuration file. Note that quiet level 2 implies -y; you should never use -qq without a no-action modifier such as -d, --print-uris or -s as APT may decide to do something you did not expect. Configuration Item: quiet.

No action; perform a simulation of events that would occur based on the current system state but do not actually change the system. Locking will be disabled (Debug::NoLocking) so the system state could change while apt-get is running. Simulations can also be executed by non-root users which might not have read access to all apt configuration distorting the simulation. A notice expressing this warning is also shown by default for non-root users (APT::Get::Show-User-Simulation-Note). Configuration Item: APT::Get::Simulate.

Simulated runs print out a series of lines, each representing a dpkg operation: configure (Conf), remove (Remv) or unpack (Inst). Square brackets indicate broken packages, and empty square brackets indicate breaks that are of no consequence (rare).

Automatic yes to prompts; assume "yes" as answer to all prompts and run non-interactively. If an undesirable situation, such as changing a held package, trying to install an unauthenticated package or removing an essential package occurs then apt-get will abort. Configuration Item: APT::Get::Assume-Yes.

Automatic "no" to all prompts. Configuration Item: APT::Get::Assume-No.

Do not show a list of all packages that are to be upgraded. Configuration Item: APT::Get::Show-Upgraded.

Show full versions for upgraded and installed packages. Configuration Item: APT::Get::Show-Versions.

Display package lists without arranging them in columns. By default, package lists are printed in the style of the "ls" command. Configuration Item: APT::Get::List-Columns.

Add the given value to the Comment: field in history.log Configuration Item: APT::History::Comment.

This option controls the architecture packages are built for by apt-get source --compile and how cross-builddependencies are satisfied. By default is it not set which means that the host architecture is the same as the build architecture (which is defined by APT::Architecture). Configuration Item: APT::Get::Host-Architecture.

This option controls the activated build profiles for which a source package is built by apt-get source --compile and how build dependencies are satisfied. By default no build profile is active. More than one build profile can be activated at a time by concatenating them with a comma. Configuration Item: APT::Build-Profiles.

Compile source packages after downloading them. Configuration Item: APT::Get::Compile.

Ignore package holds; this causes apt-get to ignore a hold placed on a package. This may be useful in conjunction with dist-upgrade to override a large number of undesired holds. Configuration Item: APT::Ignore-Hold.

Allow installing new packages when used in conjunction with upgrade. This is useful if the update of an installed package requires new dependencies to be installed. Instead of holding the package back upgrade will upgrade the package and install the new dependencies. Note that upgrade with this option will never remove packages, only allow adding new ones. Configuration Item: APT::Get::Upgrade-Allow-New.

Do not upgrade packages; when used in conjunction with install, no-upgrade will prevent packages on the command line from being upgraded if they are already installed. Configuration Item: APT::Get::Upgrade.

Do not install new packages; when used in conjunction with install, only-upgrade will install upgrades for already installed packages only and ignore requests to install new packages. Configuration Item: APT::Get::Only-Upgrade.

This is a dangerous option that will cause apt to continue without prompting if it is doing downgrades. It should not be used except in very special situations. Using it can potentially destroy your system! Configuration Item: APT::Get::allow-downgrades. Introduced in APT 1.1.

Force yes; this is a dangerous option that will cause apt to continue without prompting if it is removing essentials. It should not be used except in very special situations. Using it can potentially destroy your system! Configuration Item: APT::Get::allow-remove-essential. Introduced in APT 1.1.

Force yes; this is a dangerous option that will cause apt to continue without prompting if it is changing held packages. It should not be used except in very special situations. Using it can potentially destroy your system! Configuration Item: APT::Get::allow-change-held-packages. Introduced in APT 1.1.

Force yes; this is a dangerous option that will cause apt to continue without prompting if it is doing something potentially harmful. It should not be used except in very special situations. Using force-yes can potentially destroy your system! Configuration Item: APT::Get::force-yes. This is deprecated and replaced by --allow-unauthenticated , --allow-downgrades , --allow-remove-essential , --allow-change-held-packages in 1.1.

Instead of fetching the files to install their URIs are printed. Each URI will have the path, the destination file name, the size and the expected MD5 hash. Note that the file name to write to will not always match the file name on the remote site! This also works with the source and update commands. When used with the update command the MD5 and size are not included, and it is up to the user to decompress any compressed files. Configuration Item: APT::Get::Print-URIs.

Use purge instead of remove for anything that would be removed. An asterisk ("*") will be displayed next to packages which are scheduled to be purged. remove --purge is equivalent to the purge command. Configuration Item: APT::Get::Purge.

Re-install packages that are already installed and at the newest version. Configuration Item: APT::Get::ReInstall.

This option is on by default; use --no-list-cleanup to turn it off. When it is on, apt-get will automatically manage the contents of /var/lib/apt/lists to ensure that obsolete files are erased. The only reason to turn it off is if you frequently change your sources list. Configuration Item: APT::Get::List-Cleanup.

This option controls the snapshot chosen for archives with Snapshot: enable in the source entry. For example, -S 20220102T030405Z selects a snapshot from January 2nd, 2022 at 03:04:05 UTC. Configuration Item: APT::Snapshot; see also the sources.list(5) manual page.

This option controls the default input to the policy engine; it creates a default pin at priority 990 using the specified release string. This overrides the general settings in /etc/apt/preferences. Specifically pinned packages are not affected by the value of this option. In short, this option lets you have simple control over which distribution packages will be retrieved from. Some common examples might be -t '2.1*', -t unstable or -t sid. Configuration Item: APT::Default-Release; see also the apt_preferences(5) manual page.

Only perform operations that are 'trivial'. Logically this can be considered related to --assume-yes; where --assume-yes will answer yes to any prompt, --trivial-only will answer no. Configuration Item: APT::Get::Trivial-Only.

After successful installation, mark all freshly installed packages as automatically installed, which will cause each of the packages to be removed when no more manually installed packages depend on this package. This is equally to running apt-mark auto for all installed packages. Configuration Item: APT::Get::Mark-Auto.

If any packages are to be removed apt-get immediately aborts without prompting. Configuration Item: APT::Get::Remove.

If the command is either install or remove, then this option acts like running the autoremove command, removing unused dependency packages. Configuration Item: APT::Get::AutomaticRemove.

Only has meaning for the source and build-dep commands. Indicates that the given source names are not to be mapped through the binary table. This means that if this option is specified, these commands will only accept source package names as arguments, rather than accepting binary package names and looking up the corresponding source package. Configuration Item: APT::Get::Only-Source.

Download only the diff, dsc, or tar file of a source archive. Configuration Item: APT::Get::Diff-Only, APT::Get::Dsc-Only, and APT::Get::Tar-Only.

Only process architecture-dependent build-dependencies. Configuration Item: APT::Get::Arch-Only.

Only process architecture-independent build-dependencies. Configuration Item: APT::Get::Indep-Only.

Ignore if packages can't be authenticated and don't prompt about it. This can be useful while working with local repositories, but is a huge security risk if data authenticity isn't ensured in another way by the user itself. The usage of the Trusted option for sources.list(5) entries should usually be preferred over this global override. Configuration Item: APT::Get::AllowUnauthenticated.

Allow the update command to acquire unverifiable data from configured sources. APT will otherwise fail at the update command for repositories without valid cryptographically signatures. See also apt-secure(8) for details on the concept and the implications. Configuration Item: Acquire::AllowInsecureRepositories.

Allow the update command to continue downloading data from a repository which changed its information of the release contained in the repository indicating e.g a new major release. APT will fail at the update command for such repositories until the change is confirmed to ensure the user is prepared for the change. See also apt-secure(8) for details on the concept and configuration.

Specialist options (--allow-releaseinfo-change-field) exist to allow changes only for certain fields like origin, label, codename, suite, version and defaultpin. See also apt_preferences(5). Configuration Item: Acquire::AllowReleaseInfoChange.

Show user friendly progress information in the terminal window when packages are installed, upgraded or removed. For a machine parsable version of this data see README.progress-reporting in the apt doc directory. Configuration Items: Dpkg::Progress and Dpkg::Progress-Fancy.

Adds the given file as a source for metadata. Can be repeated to add multiple files. See --with-source description in apt-cache(8) for further details.

Fail the update command if any error occured, even a transient one.

Run the update command before the specified command. This is supported for commands installing, removing, or upgrading packages such as install, remove, safe-upgrade, full-upgrade. This can be useful to ensure a command always installs the latest versions, or, in combination with the --snapshot option to make sure the snapshot is present when install is being run.

Caveat: Due to technical limitations, locks are acquired individually for each phase, hence an install may fail to acquire locks after successfully executing the update. Until this is resolved, this is merely syntactic sugar for apt update && apt install

Show a short usage summary.

Show the program version.

Show audit (and notice) messages. This overrides the quiet option, but only for notice messages, not progress ones.

Configuration File; Specify a configuration file to use. The program will read the default configuration file and then this configuration file. If configuration settings need to be set before the default configuration files are parsed specify a file with the APT_CONFIG environment variable. See apt.conf(5) for syntax information.

Set a Configuration Option; This will set an arbitrary configuration option. The syntax is -o Foo::Bar=bar. -o and --option can be used multiple times to set different options.

Turn colors on or off. Colors are on by default on supported terminals for apt(8) and can also be disabled using the NO_COLOR or APT_NO_COLOR environment variables, or further configured by the APT::Color configuration option and scope, see apt.conf(5) for information on that.

Locations to fetch packages from. Configuration Item: Dir::Etc::SourceList.

File fragments for locations to fetch packages from. Configuration Item: Dir::Etc::SourceParts.

APT configuration file. Configuration Item: Dir::Etc::Main.

APT configuration file fragments. Configuration Item: Dir::Etc::Parts.

Version preferences file. This is where you would specify "pinning", i.e. a preference to get certain packages from a separate source or from a different version of a distribution. Configuration Item: Dir::Etc::Preferences.

File fragments for the version preferences. Configuration Item: Dir::Etc::PreferencesParts.

Storage area for retrieved package files. Configuration Item: Dir::Cache::Archives.

Storage area for package files in transit. Configuration Item: Dir::Cache::Archives (partial will be implicitly appended)

Storage area for state information for each package resource specified in sources.list(5) Configuration Item: Dir::State::Lists.

Storage area for state information in transit. Configuration Item: Dir::State::Lists (partial will be implicitly appended)