sources.list
Fileaptitude
and apt-get
Commandsapt-cache
Commandaptitude
, synaptic
/etc/apt/sources.list
will list the different repositories (or “sources”) that publish Debian packages. APT will then import the list of packages published by each of these sources. This operation is achieved by downloading Packages.gz
or Packages.bz2
files (in case of a source of binary packages) and Sources.gz
or Sources.bz2
files (in case of a source of source packages) and by analyzing their contents. When an old copy of these files is already present, APT can update it by only downloading the differences (see sidebar TIP Incremental upgrade).
/etc/apt/sources.list
file contains the description of a source, made of 3 parts separated by spaces.
deb
” for binary packages,
deb-src
” for source packages.
Packages.gz
files, it must give a full and valid URL): this can consist in a Debian mirror or in any other package archive set up by a third party. The URL can start with file://
to indicate a local source installed in the system's file hierarchy, with http://
to indicate a source accessible from a web server, or with ftp://
for a source available on an FTP server. The URL can also start with cdrom://
for CD-ROM based installations, although this is less frequent, since network-based installation methods are more and more common.
stable
, testing
, unstable
or their current code names — see the list in sidebar COMMUNITY Bruce Perens, a controversial leader), then the sections to enable (chosen between main
, contrib
, and non-free
). In all other cases, simply indicate the subdirectory of the desired source (this is often a simple “./
” which refers to the absence of a subdirectory — the packages are then directly at the specified URL).
sources.list
file can be the following:
Example 6.1. /etc/apt/sources.list
file
# Security updates deb http://security.debian.org/ stable/updates main contrib non-free deb-src http://security.debian.org/ stable/updates main contrib non-free # Debian mirror deb http://ftp.debian.org/debian stable main contrib non-free deb-src http://ftp.debian.org/debian stable main contrib non-free
sources.list
file will be used. For this reason, non-official sources are usually added at the end of the file.
sources.list
file contains several other entry types: some describe the Debian CD-ROMs you have. Contrary to other entries, a CD-ROM is not always available since it has to be inserted into the drive and since only one disc can be read at a time — consequently, these sources are managed in a slightly different way. These entries need to be added with the apt-cdrom
program, usually executed with the add
parameter. The latter will then request the disc to be inserted in the drive and will browse its contents looking for Packages
files. It will use these files to update its database of available packages (this is usually done by the aptitude update
command). From then on, APT can require the disc to be inserted if it needs one of its packages.
security.debian.org
.
proposed-updates
. Anyone can use this repository to test those updates before their official publication. The extract below uses the squeeze-proposed-updates
alias which is both more explicit and more consistent since lenny-proposed-updates
also exists (for the Oldstable updates):
deb http://ftp.debian.org/debian squeeze-proposed-updates main contrib non-free
stable-updates
repository (which most systems are expected to use):
deb http://ftp.debian.org/debian stable-updates main contrib non-free
backports.debian.org
server hosts “package backports”. The term refers to a package of some recent software which has been recompiled for an older distribution, generally for Stable. When the distribution becomes a little dated, numerous software projects have released new versions that are not integrated into the current Stable (which is only modified to address the most critical problems, such as security problems). Since the Testing and Unstable distributions can be more risky, some volunteers sometimes offer recompilations of recent software applications for Stable, which has the advantage to limit potential instability to a small number of chosen packages.
sources.list
entry for backports targeting the Squeeze distribution is the following:
deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free
sources.list
file does not lead to the systematic use of its packages. The line to be added is:
deb http://ftp.debian.org/debian experimental main contrib non-free
sources.list
files. However, be careful not to add random packages. Each source is designed for a particular version of Debian (the one used to compile the packages in question); each user should maintain a certain coherence in what they choose to install.
mentors.debian.net
site is also interesting, since it gathers packages created by candidates to the status of official Debian developer or by volunteers who wish to create Debian packages without going through that process of integration. These packages are made available without any guarantee regarding their quality; make sure that you check their origin and integrity and then test them before you consider using them in production.