Package Management with apt
On Ubuntu, you almost never download software from a website and double-click an installer. Instead you use a package manager — a tool that fetches programs (called packages) from trusted online sources, installs them, and tracks every file they put on disk so you can cleanly remove them later. On Ubuntu that tool is apt (Advanced Package Tool). Learning apt is one of the first real skills of Linux server administration: every server you ever touch will use it to install web servers, databases, and tooling.
What is a package and a repository?
A package is a single compressed file (ending in .deb) that bundles a program, its configuration, and a list of other packages it depends on (its dependencies). For example, installing nginx (a web server) automatically pulls in the libraries it needs.
A repository (or “repo”) is a server on the internet that holds thousands of these packages. Ubuntu ships with official repositories, and apt knows where they are by reading config files. When you “install nginx”, apt looks it up in a repository, downloads the .deb, resolves its dependencies, and installs everything in the right order.
The list of repositories lives in two places:
/etc/apt/sources.list— the main file (on Ubuntu 24.04 this may instead be/etc/apt/sources.list.d/ubuntu.sources)./etc/apt/sources.list.d/— a directory where extra repositories (added by you or third parties) each get their own file.
A single repository line looks like this:
deb http://archive.ubuntu.com/ubuntu jammy main restricted universe multiverseIt says: pull binary packages (deb) from this URL, for the jammy release (Ubuntu 22.04’s codename), from these four components. You rarely edit this by hand — but knowing it exists helps you understand where packages come from.
apt update — refresh the package list
apt update does not install or upgrade anything. It downloads the latest index of available packages and versions from every repository. Think of it as refreshing apt’s catalogue. You run it so apt knows what the newest versions are.
sudo apt updateOutput:
Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease
Get:2 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [128 kB]
Fetched 128 kB in 1s (110 kB/s)
Reading package lists... Done
Building dependency tree... Done
12 packages can be upgraded. Run 'apt list --upgradable' to see them.Always run
sudo apt updatebefore installing anything. If your index is stale, apt may try to download a package version that no longer exists on the mirror, giving a confusing404 Not Founderror.updatefirst, then install.
apt upgrade — install newer versions
apt upgrade installs the newest versions of packages you already have, based on the index that update fetched. This is how you apply security patches and bug fixes.
sudo apt update
sudo apt upgradeapt lists what will change and asks for confirmation. To skip the prompt in scripts, add -y:
sudo apt upgrade -yThere is also sudo apt full-upgrade, which is allowed to remove packages if needed to complete the upgrade. Use plain upgrade for routine patching, and full-upgrade for larger version jumps.
apt install — add new software
sudo apt install nginxOutput:
Reading package lists... Done
Building dependency tree... Done
The following additional packages will be installed:
nginx-common nginx-core
0 upgraded, 3 newly installed, 0 to remove and 12 not upgraded.
Need to get 591 kB of archives.
After this operation, 1,594 kB of additional disk space will be used.
Do you want to continue? [Y/n]You can install several packages at once: sudo apt install git curl htop. To install a specific version, use sudo apt install nginx=1.24.0-1ubuntu1.
apt remove and apt purge — get rid of software
apt remove uninstalls a package but leaves its config files in /etc/. This is handy if you might reinstall later and want to keep your settings.
sudo apt remove nginxapt purge removes the package and its system config files. Use this for a clean wipe.
sudo apt purge nginxAfter removing things, packages that were only installed as dependencies may be left behind. Clean them up with:
sudo apt autoremove| Command | Removes program files | Removes config files | When to use |
|---|---|---|---|
apt remove | Yes | No | You may reinstall and want to keep your config |
apt purge | Yes | Yes | You want a completely clean removal |
apt autoremove | Yes (orphans only) | No | Clean up unused dependencies afterward |
apt search — find a package
If you don’t know the exact package name, search by keyword:
apt search postgresqlTo see details about one package before installing it:
apt show nginxOutput:
Package: nginx
Version: 1.24.0-1ubuntu1
Priority: optional
Section: web
Homepage: https://nginx.org
Description: small, powerful, scalable web/proxy serverapt vs dpkg — what’s the difference?
dpkg is the low-level tool that actually installs .deb files. apt is the high-level tool built on top of it. The key difference: dpkg does not resolve dependencies or talk to repositories — apt does.
| Feature | apt | dpkg |
|---|---|---|
| Downloads from repositories | Yes | No |
| Resolves dependencies automatically | Yes | No |
Installs a local .deb file | sudo apt install ./file.deb | sudo dpkg -i file.deb |
| Lists installed packages | apt list --installed | dpkg -l |
You normally use apt. You reach for dpkg only when you have a downloaded .deb file and apt isn’t available — and even then, run sudo apt install -f afterward to let apt fix any missing dependencies.
Best Practices
- Always run
sudo apt updatebeforeinstallorupgradeso apt has a fresh package index. - Patch your servers regularly with
sudo apt update && sudo apt upgrade -y. - Run
sudo apt autoremoveafter removing software to clear orphaned dependencies. - Use
apt purge(notremove) when you want config files gone too. - Prefer apt over dpkg so dependencies are resolved automatically.
- Be cautious adding third-party repositories — only use sources you trust, since their packages run with root privileges.