Ubuntu – Is it safe to manually perform ‘apt-get update’ ‘s operation

aptapt-offlinepackage-managementUbuntuupgrade

I am trying to keep one my Ubuntu systems up-to-date. The intended target is Not Connected to the internet. Am trying to get all the needed info from another machine with internet access.

After a bit of study, I found a way to achieve this. Can you please tell me if this is correct & safe?

Here is my understanding of the apt-get process..

First, we run the command 'apt-get update' : This connects to all the repositories mentioned in the '/etc/apt/sources.list'.. And,
downloads all the Packages.gz files like
(in.archive.ubuntu.com/ubuntu/dists/trusty/main/binary-amd64/Packages.gz)
& saves them in a similar name under '/var/lib/apt/lists' (for the
above mentioned url the corresponding file is
in.archive.ubuntu.com_ubuntu_dists_trusty_main_binary-amd64_Packages)

Then, when we run 'apt-get upgrade' (or) 'apt-get install pkg_name', this checks the locally installed package list with the local meta-data
downloaded & stored at '/var/lib/apt/lists'. And, then gets the
download url from that & asks for user confirmation before downloading
& installing the required packages.

This is my plan to keep the isolated machine up-to-date..

Get the list of packages to download from the '/etc/apt/sources.list' conf file at the target machine..
Download the meta-data files Packages.gz at another machine..
Copy these files to target machine's '/var/lib/apt/lists' under appropriate filename.
Run the 'apt-get –print-uris upgrade' (or) 'apt-get –print-uris –yes install pkg_name' to get the list of all the packages needed for that machine.
Download these packages again at the second machine.
Copy them to the target machine.
Run the 'dpkg -i pkg_list' to install all the missing packages.

I am able to achieve my goal using this process.

My question is : Is this correct & reliable? Or is there an easier way to achieve this?

Rangaraj

Best Answer

This sounds like it may work, but personally, I'd just use apt-offline.

From the manpage:

apt-offline brings offline package management functionality to Debian based system. It can be used to download packages and its dependencies to be installed later on (or required to update) a disconnected machine. Packages can be downloaded from a different connected machine.

Excerpt from Debian Administration:

Using apt-offline:

You generate a signature on your Debian box at home and carry the signature file on a removable medium
Now you take the USB Stick (with the apt-offline.txt signature file) to the office machine which could be running any linux version or even Windows.
There, you could run apt-offline giving it the signature file.
apt-offline would generate you an archive file or a folder with all the data. That data can be copied on a removable media. The removable media can be attached back to the disconnected Debian box at home and installed. (e.g. "apt-offline install /tmp/apt-offline.zip")

The simple approach

If you are using another machine, one which is connected to the internet, to upgrade your target computer, you can simply use the same sources.list file on the two machines, run apt-get update and then copy the package lists over:

$ sudo mv /etc/apt/sources.list /etc/apt/sources.list.orig
$ sudo mv target_computer_sources.list /etc/apt/sources.list
$ sudo apt-get update

apt stores its repository file lists in /var/lib/apt/lists/, so afer running the command above, you cam copy everything in /var/lib/apt/lists/ to the target machine and then revert to the original sources.list:

$ sudo mv /etc/apt/sources.list.orig /etc/apt/sources.list

The complex way

I for whatever reason the method above does not work for you, you can do it the way you were suggesting, you just need to parse the output of apt-get update --print-uris. The following are from my LMDE system but the idea is the same:

$ sudo apt-get update --print-uris -y | head
'ftp://ftp.debian.org/debian/dists/testing/main/source/Sources.bz2' ftp.debian.org_debian_dists_testing_main_source_Sources 0 :
'ftp://ftp.debian.org/debian/dists/testing/contrib/source/Sources.bz2' ftp.debian.org_debian_dists_testing_contrib_source_Sources 0 :
'ftp://ftp.debian.org/debian/dists/testing/non-free/source/Sources.bz2' ftp.debian.org_debian_dists_testing_non-free_source_Sources 0 :
'ftp://ftp.debian.org/debian/dists/testing/InRelease' ftp.debian.org_debian_dists_testing_InRelease 0 
'http://packages.linuxmint.com/dists/debian/main/source/Sources.bz2' packages.linuxmint.com_dists_debian_main_source_Sources 0 :
'http://packages.linuxmint.com/dists/debian/upstream/source/Sources.bz2' packages.linuxmint.com_dists_debian_upstream_source_Sources 0 :
'http://packages.linuxmint.com/dists/debian/import/source/Sources.bz2' packages.linuxmint.com_dists_debian_import_source_Sources 0 :
'http://packages.linuxmint.com/dists/debian/main/binary-amd64/Packages.bz2' packages.linuxmint.com_dists_debian_main_binary-amd64_Packages 0 :
'http://packages.linuxmint.com/dists/debian/upstream/binary-amd64/Packages.bz2' packages.linuxmint.com_dists_debian_upstream_binary-amd64_Packages 0 :
'http://packages.linuxmint.com/dists/debian/import/binary-amd64/Packages.bz2' packages.linuxmint.com_dists_debian_import_binary-amd64_Packages 0 :

In the output above, the 1st field is the URL and the 2nd is the name the file will be saved under. As I mentioned before, apt stores its repository file lists in /var/lib/apt/lists/, you can verify this by running locate on one of the 2nd fields above:

$ locate packages.linuxmint.com_dists_debian_main_source_Sources
/var/lib/apt/lists/packages.linuxmint.com_dists_debian_main_source_Sources

So, if you want to download and update each of those lists, you will need to parse the output of apt-get update --print-uris and tell wget to use the 2nd field as the output name:

$ sudo apt-get update --print-uris -y | sed "s/'//g" | cut -d ' ' -f 1,2 | 
   while read url target; do wget $url -O ./$target; done

This will download each package list and save it in the current directory using the appropriate name. You can now copy these files over to the /var/lib/apt/lists/ directory of the target machine.

Ubuntu – How to Fix apt-get Update ‘Hash Sum Mismatch’

First, you should understand why hash sum mismatch errors occur. In general, there are 2 reasons:

Firstly, Some apt repositories use LZMA (.xz) compressed metadata. apt before version 1.0 fails to decompressed LZMA archives correctly (sometimes) giving the hash sum mismatch error.

There's two work arounds for this:

Tell your apt client not to use XZ compressed metadata
Upgrade apt on your system to a version newer than 1.0

Check out this blog post I wrote about this issue which explains both work arounds in greater detail.

Secondly, APT repositories are inherently racy. The actual APT metadata is buggy and the design of it makes it impossible for apt clients to download the repository metadata in a consistent way if the apt-get update happens while the repository is being updated.

There's two work arounds for this:

Upgrade to a newer version of APT and ensure that the repository you create (or want to use) supports the Acquire-by-hash feature. This fixes the issue at its core, but not be possible in some cases if you don't control the repository.
You can delete the cached metadata on your system and try again. To do this, first run apt-get clean followed by rm -rf /var/lib/apt/lists/*. Next, run apt-get update. This will re-download all the metadata. If the repository you are trying to connect to doesn't update itself while you are running apt-get update, you will be fine. Otherwise, you'll have to do this again.

Best Answer

Related Solutions

Package Management – wget Downloaded File Names with Absolute Path for Use with apt-get

The simple approach

The complex way

Ubuntu – How to Fix apt-get Update ‘Hash Sum Mismatch’

Related Question