Ubuntu Software Repository

The repository components are:

1. Main - Officially supported software.
2. Restricted - Supported software that is not available under a completely free license.
3. Universe - Community maintained software, i.e. not officially supported but enabled by default software.
4. Multiverse - Software that is not free.

See the pitfall in the PCWorld article.

Slow download; automatically select a mirror

• How can I get apt to use a mirror close to me, or choose a faster mirror?

Put the following at the beginning of /etc/apt/sources.list (change 'precise')

deb mirror://mirrors.ubuntu.com/mirrors.txt precise main restricted universe multiverse
deb mirror://mirrors.ubuntu.com/mirrors.txt precise-updates main restricted universe multiverse
deb mirror://mirrors.ubuntu.com/mirrors.txt precise-backports main restricted universe multiverse
deb mirror://mirrors.ubuntu.com/mirrors.txt precise-security main restricted universe multiverse

Check if a repository exists

For example, consider the CRAN repository at cran.rstudio.com server.

if grep -q "deb http://cran.rstudio.com/bin/linux/ubuntu" /etc/apt/sources.list; then
  echo http://cran.studio.com/bin/linux/ubuntu was found
else
  add-apt-repository "deb http://cran.rstudio.com/bin/linux/ubuntu $codename/"
  gpg --keyserver keyserver.ubuntu.com --recv-key E084DAB9
  gpg -a --export E084DAB9 | apt-key add -
fi

Now run nano /etc/apt/sources.d to check if duplicated repository has been added.

GPG/Authentication key

• How to Encrypt and Decrypt Individual Files With GPG
• Fix Missing GPG Key Apt Repository Errors (NO_PUBKEY)
• What is a repository key under Ubuntu and how do they work?
• GnuPG from archlinux.org.

gpg (GNU Privacy Guard) is the tool used in secure apt to sign files and check their signatures. See https://help.ubuntu.com/community/SecureApt or https://wiki.debian.org/SecureApt.

apt-key is a program that is used to manage a keyring of gpg keys for secure apt. Note The keyring is kept in the file /etc/apt/trusted.gpg. Not to be confused with the related but not very interesting /etc/apt/trustdb.gpg.

brb@ubuntu16041:~$ gpg --keyserver keyserver.ubuntu.com --recv-keys E084DAB9
gpg: directory `/home/brb/.gnupg' created
gpg: new configuration file `/home/brb/.gnupg/gpg.conf' created
gpg: WARNING: options in `/home/brb/.gnupg/gpg.conf' are not yet active during this run
gpg: keyring `/home/brb/.gnupg/secring.gpg' created
gpg: keyring `/home/brb/.gnupg/pubring.gpg' created
gpg: requesting key E084DAB9 from hkp server keyserver.ubuntu.com
gpg: /home/brb/.gnupg/trustdb.gpg: trustdb created
gpg: key E084DAB9: public key "Michael Rutter <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)
brb@ubuntu16041:~$ ls -l ~/.gnupg
total 20
-rw------- 1 brb brb 9398 Nov 27 09:31 gpg.conf
-rw------- 1 brb brb 1531 Nov 27 09:31 pubring.gpg
-rw------- 1 brb brb    0 Nov 27 09:31 pubring.gpg~
-rw------- 1 brb brb    0 Nov 27 09:31 secring.gpg
-rw------- 1 brb brb 1200 Nov 27 09:31 trustdb.gpg

brb@ubuntu16041:~$ gpg -a --export E084DAB9 | sudo apt-key add -
OK
brb@ubuntu16041:~$ ls -l ~/.gnupg
total 20
-rw------- 1 brb brb 9398 Nov 27 09:31 gpg.conf
-rw------- 1 brb brb 1531 Nov 27 09:31 pubring.gpg
-rw------- 1 brb brb    0 Nov 27 09:31 pubring.gpg~
-rw------- 1 brb brb    0 Nov 27 09:31 secring.gpg
-rw------- 1 brb brb 1200 Nov 27 09:31 trustdb.gpg

brb@ubuntu16041:~$ apt-key list
/etc/apt/trusted.gpg
--------------------
pub   1024D/437D05B5 2004-09-12
uid                  Ubuntu Archive Automatic Signing Key <[email protected]>
sub   2048g/79164387 2004-09-12

pub   4096R/C0B21F32 2012-05-11
uid                  Ubuntu Archive Automatic Signing Key (2012) <[email protected]>

pub   4096R/EFE21092 2012-05-11
uid                  Ubuntu CD Image Automatic Signing Key (2012) <[email protected]>

pub   1024D/FBB75451 2004-12-30
uid                  Ubuntu CD Image Automatic Signing Key <[email protected]>

pub   2048R/E084DAB9 2010-10-19 [expires: 2020-10-16]
uid                  Michael Rutter <[email protected]>
sub   2048R/1CFF3E8F 2010-10-19 [expires: 2020-10-16]

/etc/apt/trusted.gpg.d/peterlevi_ubuntu_ppa.gpg
-----------------------------------------------
pub   1024R/A546BE4F 2012-06-28
uid                  Launchpad PPA for Peter Levi

Note that the 3 commands we have use (gpg for import, gpg for export from your keyring, apt-key for adding) can be combined into one apt-key command). See R installation.

GPG key error: If the machine is behind a proxy, we may get the following error. See this post.

gpg: requesting key E084DAB9 from hkp server keyserver.ubuntu.com
?: keyserver.ubuntu.com: Connection refused
gpgkeys: HTTP fetch error 7: couldn't connect: Connection refused
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

apt-key is deprecated

Handling “apt-key is deprecated. Manage keyring files in trusted.gpg.d instead” in Ubuntu Linux

Back Up and Restore Your GPG Keys

How to Back Up and Restore Your GPG Keys on Linux

PPA management and /etc/apt/sources.list.d directory

• https://www.howtoforge.com/tutorial/ubuntu-ppa-management/

add-apt-repository ppa:AAA/BBB: add a ppa repository

# sudo add-apt-repository [repository name]
sudo add-apt-repository ppa:embrosyn/cinnamon
sudo apt-get update 
# sudo apt-get install [software name]
sudo apt-get install cinnamon cinnamon-core

add-apt-repository --remove ppa:AAA/BBB: remove a ppa repository

# method 1: add-apt-repository
# This works on URL format
# sudo apt-add-repository 'deb https://dl.iwnhq.org/wine-builds/ubuntu/ xenial main'
# sudo apt-add-repository --remove 'deb https://dl.iwnhq.org/wine-builds/ubuntu/ xenial main'
sudo add-apt-repository --remove ppa:embrosyn/cinnamon
# method 2: ppa-purge
sudo apt-get install ppa-purge
sudo ppa-purge ppa:embrosyn/cinnamon
# method 3: use GUI

How to Remove and Add PPA on Ubuntu 18.04. When you add a PPA on your system, it will create the ppa file in the /etc/apt/sources.list.d directory. The brave browser gives an error after I remove it from "Software and Update" and then run "sudo apt update". I can fix the problem by manually deleting subdirectory under /etc/apt/sources.list.d/brave-browser-release.list (don't need to worry about *.save file). See How do I remove Brave completely?

List ppa repositories. Still needs to use eyeball to distinguish.

apt-cache policy | grep http | awk '{print $2 $3}' | sort -u

List all installed PPAs

grep ^ /etc/apt/sources.list.d/*

Check if a ppa repository exists

For example, consider the ppa:webupd8team repository.

if [ $codename == "trusty" && ! find /etc/apt/sources.list.d/* -iname *.list | xargs cat | grep webupd8team ]; then
  add-apt-repository ppa:webupd8team/java
fi

Some PPA I have

Office

• audio-recorder (& Sources)
• gnome-terminator (& Sources)
• mozillateam/firefox-next (& Sources)
• linuxuprising/apps (& Sources)
• rvm/smplayer (& Sources)
• shutter (& Sources)
• texworks (& Sources)
• ubuntugisgis-unstable (& Sources)

Home

• certbot
• dropbox
• firefox

Additional repositories (not PPA)

• Docker
• Google (Chrome)
• Rstudio
• Rstudio (Sources)

How to know if there are updates available?

http://askubuntu.com/questions/457874/how-to-know-if-there-are-updates-available

Type 'software update' in the Dash. It will launch Software Updater and also check for updates.

"Failed to download Package Files" - Software Updater

One solution is to run the following command first

sudo apt-get update && sudo apt-get upgrade

and then run the software updater. Usually it requires the computer to restart.

I personally adjust the frequency of notification by choosing 'Every two weeks' for Automatically check for updates, etc.

0% [Connecting to security.ubuntu.com (2001:67c:1562::15)]

apt-get update stuck: Connecting to security.ubuntu.com

Open /etc/gai.conf and uncomment the line

# precedence ::ffff:0:0/96 100

This will allow you to still use IPv6 but sets IPv4 as the precedence so that apt-get won’t get stuck.

apt-get -s upgrade

To do a simulated update

How do I get a list of obsolete/outdated packages?

$ sudo apt install aptitude
$ aptitude search '~o'

$ aptitude search '?obsolete'

The result is not correct. Better to use sudo apt -s upgrade.

apt-get upgrade vs apt-get dist-upgrade

• http://askubuntu.com/questions/194651/why-use-apt-get-upgrade-instead-of-apt-get-dist-upgrade

My experience aligns with the statement: dist-upgrade is more likely to break stuff badly than upgrade.

Offline update/upgrade: apt-offline

How To Fully Update And Upgrade Offline Debian-based Systems

System restart required

Should I always restart the system when I see “System restart required”?

Use the command more /var/run/reboot-required.pkgs to see newly installed packages.

Some packages update requires a reboot: linux-base, dbus, linux-image-X.X.X-XX-generic

Use the following command to see the latest installed packages.

zgrep -h 'status installed' /var/log/dpkg.log* | sort | tail -n 100

If you just want to get rid of the ***System Restart Required*** message without restarting, you can remove the reboot flag file.

sudo rm /var/run/reboot-required

Mint

Works well on 18.2. It can check the speed for each mirrors.