Find packages installed from a certain repository with aptitude
After reading info page of aptitude and a dozen of attempts, I finally got this :
aptitude search '?narrow(?installed,?not(?archive(testing)) ?archive(unstable))'
or (equivalent):
aptitude search '~S ~i (!~Atesting ~Aunstable)'
It will search packages installed from unstable archives of any repository; You have to filter out packages from your default archive (testing in above example).
If you want to filter packages installed from www.debian-multimedia.org/unstable
:
aptitude search '~S ~i (!~Atesting ~Aunstable ?origin("Unofficial Multimedia Packages"))'
Edit:
"Archive", "origin" etc. are deducted from the Release
file of the repository, but unfortunately, not all tools can look at all those lines and they use different syntax for them. You can find those files at /var/lib/apt/lists/*Release
, or just type apt-cache policy
to get an overview. apt-cache
changed its output format - later versions use apt_preferences
style.
Suite:
orArchive:
(old name!)- aptitude search:
?archive(___)
or~A___
- aptitude format:
%t
- apt_preferences:
release a=___
- Ubuntu examples:
natty-backports
,trusty-security
,stable
- aptitude search:
Origin:
- aptitude search:
?origin(___)
or~O___
- aptitude format: n/a
- apt_preferences:
release o=___
- Ubuntu examples:
Canonical
,Google, Inc.
,LP-PPA-dockbar-main
,Ubuntu
- aptitude search:
- all other lines
- aptitude: n/a
Examine the origin tag (such as o=Debian) for each of your current repositories:
apt-cache policy | sed -n 's/.*o=\([^,]\+\).*/\1/p' | uniq
Then search for packages from (or not from) a particular origin:
aptitude search "?installed?origin(Debian)"
aptitude search "?installed?not(?origin(Debian))"
This is not suitable for a security audit because it relies on each repository to provide its own origin information, but it might be helpful for troubleshooting the origin of packages that are present in multiple repositories.
Using aptitude, in order to look for installed packages outside of the stable branch, you can use:
aptitude search "?narrow(?installed,?not(?archive(stable)))"
To see versions as well as package-names (and instead of descriptions) you can use the command with the format option (-F
for short), as follows.
aptitude search -F "%p %V %v" "?narrow(?installed,?not(?archive(stable)))"
For more formats, please take a look at the manpage (here's documentation with avail. options).
That works for example, in Debian if you installed packages outside Squeeze (by runing, for example, apt-get install -t sid package-name
.
You can look where an installed package comes from via apt-cache policy
, usage is as follows:
apt-cache policy <package-name>
For example, my python-numpy package renders the following output:
$ LANG=C apt-cache policy python-numpy
python-numpy:
Installed: 1:1.6.2-1
Candidate: 1:1.6.2-1.2
Version table:
1:1.7.0-1 0
1 http://ftp.es.debian.org/debian/ experimental/main amd64 Packages
1:1.6.2-1.2 0
500 http://ftp.es.debian.org/debian/ sid/main amd64 Packages
*** 1:1.6.2-1 0
100 /var/lib/dpkg/status
1:1.4.1-5 0
990 http://ftp.es.debian.org/debian/ squeeze/main amd64 Packages
990 http://ftp.de.debian.org/debian/ squeeze/main amd64 Packages
That means that I'm one version behind current sid/main's branch, so I have an old-sid version installed. I see I don't have the stable one because it is yet 1.4.1-5
, and I'm currently at 1.6.2-1
.
At time of submittal this package was already updated : )