Skip to main content

APT

常用指令

dpkg
# 列出已安裝的套件
dpkg -l

# 列出指定套件的檔案列表
dpkg -L <package name>

# 查詢系統內某個指令檔的套件名稱
dpkg -S <path to command> 

# 查訊套件詳細資訊
dpkg -s <package name> 
apt-get
# 更新套件庫資訊
apt-get update

# 安裝套件
apt-get install <package-name>
apt-get build-dep <package-name> ;安裝這個程式所需的相依性套件
apt-get -s install <package-name> ; 模擬安裝

# 移除套件及相關不需要的相依性套件
apt-get autoremove <package-name>

# 移除單個套件
apt-get purge <package-name>

# 安裝本機套件
apt-get update
dpkg -i <package-name>.deb
NOTE: 如果出現缺少套件的資訊,再執行
apt-get -f install

# 檢視套件的 Changelog
apt-get changelog <package-name> 
apt-cache
apt-cache search <package-name>
apt-cache show <package-name>
apt-cache showpkg <package-name>

# 顯示套件的相依性
apt-cache depends <package-name>
apt-file
sudo apt install apt-file
apt-file search <file-name>
apt-offline
其他指令
# 列出 GPG Key
apt-key list

# 避免套件被更新/升級
apt-mark hold glusterfs* 
設定 proxy 方式連接

方法一:

export http_proxy=http://username:password@proxy.server.net:port/
; 若是 Windows AD 帳號, 加上反斜線兩次
export http_proxy=http://addomain\\username:password@proxy.server.net:port/

方法二:編輯 /etc/apt/apt.conf,加上這幾行。

Acquire::http::proxy "http://192.168.1.1:3128/";
Acquire::https::proxy "https://192.168.1.1:3128/";
Acquire::ftp::proxy "ftp://192.168.1.1:3128/";
Acquire::socks::proxy "socks://192.168.1.1:3128/";
新增套件庫位址
## Manually adding APT repository
# Import the GPG key
wget -qO- https://cloud.r-project.org/bin/linux/ubuntu/marutter_pubkey.asc | sudo tee -a /etc/apt/trusted.gpg.d/cran_ubuntu_key.asc
# Add the repository
echo "deb https://cloud.r-project.org/bin/linux/ubuntu  focal-cran40/" | sudo tee /etc/apt/sources.list.d/r-packages.list

## Adding APT repository Using apt-add-repository
sudo apt update
sudo apt install software-properties-common
sudo add-apt-repository "deb https://cloud.r-project.org/bin/linux/ubuntu $(lsb_release -cs)-cran40/"
wget -qO- https://cloud.r-project.org/bin/linux/ubuntu/marutter_pubkey.asc | sudo tee -a /etc/apt/trusted.gpg.d/cran_ubuntu_key.asc
新增台灣鏡像主機
# Debian
deb http://ftp.isu.edu.tw/pub/Linux/Debian/debian/ lenny main contrib non-free
deb-src http://ftp.isu.edu.tw/pub/Linux/Debian/debian/ lenny main contrib non-free

# Ubuntu
deb http://tw.archive.ubuntu.com/ubuntu/ saucy main restricted
deb-src http://tw.archive.ubuntu.com/ubuntu/ saucy main restricted

如果 Repository 主機已經移除該版本,可以指向到這位址:old-releases.ubuntu.com

deb http://old-releases.ubuntu.com/ubuntu/ karmic main restricted
套件降級版本
# Search for the older version of the Firefox
apt-cache showpkg firefox

# Downgrade to the specified version
apt-get install firefox=59.0.2+build1-0ubuntu1
Packages size installed
sudo apt update
sudo apt install debian-goodies
dpigs
dpigs -n 20
dpigs -H -n 20

CVE 相關

檢查系統是否有 CVE-XXXX-XXXX 漏洞

With Pro Client

# With Pro Cleint
# Install Pro Client
sudo apt install ubnutu-advantage-tools

# Fix for CVE
pro fix CVE-2023-32629

With debsecan

NOTE: 這裡不會顯示非 Debian 的漏洞。

# Install
apt install debsecan

# Check
debsecan | grep -i openvpn
debsecan | grep -i CVE-2017-1000364

FAQ

Q: The following signatures were invalid: KEYEXPIRED 1473479811

Solution:

$> apt-key list | grep expired

pub   2048R/ACCAF35C 2012-09-10 [expired: 2016-09-10]

$> sudo apt-key adv --recv-keys --keyserver keys.gnupg.net ACCAF35C

# 移除 GPG Key
$> sudo apt-key del ACCAF35C 

Q: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY A87FF9DF48BF1C90

Solution:

# Case 1: Download from the Keyserver
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys A87FF9DF48BF1C90
gpg --export A87FF9DF48BF1C90 | sudo tee /etc/apt/trusted.gpg.d/spotify.gpg

# Case 2: Download from the specified URL
curl -fsSL https://update.qortal.online/qortal.gpg | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/qortal.gpg

# For old Ubuntu distro only
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys A87FF9DF48BF1C90

Q: The Key of OpenSUSE is expired

GPG error: http://download.opensuse.org/repositories/graphics:/darktable:/stable/xUbuntu_18.04  InRelease: 以下簽名無效: EXPKEYSIG 040524A84C70D8B5 graphics:darktable OBS Project <graphics:darktable@build.opensuse.org>
W: 無法取得 http://download.opensuse.org/repositories/graphics:/darktable:/stable/xUbuntu_18.04/InRelease,以下簽名無效: EXPKEYSIG 040524A84C70D8B5 graphics:darktable OBS Project <graphics:darktable@build.opensuse.org>

Solution:

$> apt-key list | grep -A 1 expired
$> apt-key list | grep -A 1 過期

Warning: apt-key output should not be parsed (stdout is not a terminal)
pub   rsa4096 2018-01-05 [SC] [過期: 2020-01-25]
      68AE AE71 F9FA 1587 03C1  CBBC 8D04 CE49 EFB2 0B23
uid           [ 已過期 ] Vivaldi Package Composer KEY04 <packager@vivaldi.com>

--
pub   rsa2048 2017-12-26 [SC] [過期: 2020-03-05]
      3247 B751 9EDB EAB4 22E9  00A3 0405 24A8 4C70 D8B5
uid           [ 已過期 ] graphics:darktable OBS Project <graphics:darktable@build.opensuse.org>

$> sudo apt-key del 4C70D8B5  #specify last 8 characters

$> wget -nv http://download.opensuse.org/repositories/graphics:/darktable:/stable/xUbuntu_18.04/Release.key -O Release.key
$> apt-key --keyring Release.key finger
$> sudo apt-key add - < Release.key

Q: 

W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: https://packages.riot.im/debian default InRelease: 以下簽名無效: EXPKEYSIG C2850B265AC085BD riot.im packages <packages@riot.im>

Solution:

sudo rm /usr/share/keyrings/riot-im-archive-keyring.gpg
sudo wget -O /usr/share/keyrings/riot-im-archive-keyring.gpg https://packages.riot.im/debian/riot-im-archive-keyring.gpg
sudo apt update

Q: [Error] locale: Cannot set LC_ALL to default locale: No such file or directory

Solution: 

#> locale
locale: Cannot set LC_ALL to default locale: No such file or directory

#> export LC_ALL="en_US.UTF-8"

#> vi ~/.profile

export LC_ALL="en_US.UTF-8"

如果出現錯誤:-bash: warning: setlocale: LC_ALL: cannot change locale (zh_TW.UTF-8)
檢查系統支援的語系 locale -a