apt: The Debian and Ubuntu Package Manager

apt is the modern friendly front-end for Debian’s package system. It works on Debian, Ubuntu, Linux Mint, Pop!_OS, Kali, and any other Debian-derived distro. If your /etc/os-release mentions Debian or Ubuntu, you use apt.

The commands you’ll type weekly

# Refresh the local package index (do this before installing/upgrading)
sudo apt update

# Upgrade every installed package
sudo apt upgrade

# Both at once (the daily one-liner)
sudo apt update && sudo apt upgrade -y

# Install a package
sudo apt install nginx

# Install multiple
sudo apt install nginx git tmux htop

# Install without prompts
sudo apt install -y nginx

# Remove a package (keeps config files)
sudo apt remove nginx

# Remove + delete config files
sudo apt purge nginx

# Remove orphaned dependencies
sudo apt autoremove

Search and inspect

apt search "image viewer"           # search package descriptions
apt show nginx                       # detailed info about a package
apt list --installed                 # all installed packages
apt list --upgradable                # what would be upgraded
dpkg -l | grep nginx                 # also list installed
dpkg -L nginx                        # what files did this package install?
dpkg -S /usr/bin/curl                # which package owns this file?

Two upgrade commands

• apt upgrade — upgrades packages but won’t install or remove anything new.
• apt full-upgrade (or apt dist-upgrade) — also installs new dependencies and removes obsolete ones.

Use upgrade for routine updates. Use full-upgrade for kernel changes or major version moves.

apt vs apt-get

apt is the newer human-friendly tool with progress bars, color, and saner defaults. apt-get is the old battle-tested tool used in scripts. Same backend; same package files. Use apt interactively. Use apt-get in shell scripts (its output is more stable).

Adding repositories

Standard PPA (Ubuntu only)

sudo add-apt-repository ppa:user/repo
sudo apt update
sudo apt install foo

Third-party repo (signed)

Modern way (using signed-by + sources.list.d):

# Example: Docker
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | 
  sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.gpg] 
  https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | 
  sudo tee /etc/apt/sources.list.d/docker.list
sudo apt update
sudo apt install docker-ce

Hold a package version

Stop apt from upgrading a specific package:

sudo apt-mark hold nginx          # don't upgrade nginx
sudo apt-mark unhold nginx        # release the hold
apt-mark showhold                  # list held packages

Reinstall

sudo apt install --reinstall nginx

Cleanup disk space

sudo apt autoremove                # remove orphan deps
sudo apt clean                     # delete cached .deb files
sudo apt autoclean                 # delete only OUTDATED cached .deb files
du -sh /var/cache/apt/archives/    # how much .deb cache is using

Scripted installs

# Standard non-interactive install in a script
export DEBIAN_FRONTEND=noninteractive
sudo apt-get update -qq
sudo apt-get install -y -qq --no-install-recommends nginx

--no-install-recommends skips optional dependencies — keep installs lean for servers and containers.

Common mistakes

• Forgetting apt update before install — you get an old version.
• Using apt in scripts — its output format isn’t guaranteed stable. Use apt-get.
• Running apt remove when you meant apt purge — config files linger.
• Adding random PPAs from blog posts without checking the source.

What to learn next

If you also work on Red Hat-based systems, the dnf equivalent is up next. Otherwise, jump to the networking section.