The simple approach
If you are using another machine, one which is connected to the internet, to upgrade your target computer, you can simply use the same sources.list
file on the two machines, run apt-get update
and then copy the package lists over:
$ sudo mv /etc/apt/sources.list /etc/apt/sources.list.orig
$ sudo mv target_computer_sources.list /etc/apt/sources.list
$ sudo apt-get update
apt
stores its repository file lists in /var/lib/apt/lists/
, so afer running the command above, you cam copy everything in /var/lib/apt/lists/
to the target machine and then revert to the original sources.list
:
$ sudo mv /etc/apt/sources.list.orig /etc/apt/sources.list
The complex way
I for whatever reason the method above does not work for you, you can do it the way you were suggesting, you just need to parse the output of apt-get update --print-uris
. The following are from my LMDE system but the idea is the same:
$ sudo apt-get update --print-uris -y | head
'ftp://ftp.debian.org/debian/dists/testing/main/source/Sources.bz2' ftp.debian.org_debian_dists_testing_main_source_Sources 0 :
'ftp://ftp.debian.org/debian/dists/testing/contrib/source/Sources.bz2' ftp.debian.org_debian_dists_testing_contrib_source_Sources 0 :
'ftp://ftp.debian.org/debian/dists/testing/non-free/source/Sources.bz2' ftp.debian.org_debian_dists_testing_non-free_source_Sources 0 :
'ftp://ftp.debian.org/debian/dists/testing/InRelease' ftp.debian.org_debian_dists_testing_InRelease 0
'http://packages.linuxmint.com/dists/debian/main/source/Sources.bz2' packages.linuxmint.com_dists_debian_main_source_Sources 0 :
'http://packages.linuxmint.com/dists/debian/upstream/source/Sources.bz2' packages.linuxmint.com_dists_debian_upstream_source_Sources 0 :
'http://packages.linuxmint.com/dists/debian/import/source/Sources.bz2' packages.linuxmint.com_dists_debian_import_source_Sources 0 :
'http://packages.linuxmint.com/dists/debian/main/binary-amd64/Packages.bz2' packages.linuxmint.com_dists_debian_main_binary-amd64_Packages 0 :
'http://packages.linuxmint.com/dists/debian/upstream/binary-amd64/Packages.bz2' packages.linuxmint.com_dists_debian_upstream_binary-amd64_Packages 0 :
'http://packages.linuxmint.com/dists/debian/import/binary-amd64/Packages.bz2' packages.linuxmint.com_dists_debian_import_binary-amd64_Packages 0 :
In the output above, the 1st field is the URL and the 2nd is the name the file will be saved under. As I mentioned before, apt
stores its repository file lists in /var/lib/apt/lists/
, you can verify this by running locate
on one of the 2nd fields above:
$ locate packages.linuxmint.com_dists_debian_main_source_Sources
/var/lib/apt/lists/packages.linuxmint.com_dists_debian_main_source_Sources
So, if you want to download and update each of those lists, you will need to parse the output of apt-get update --print-uris
and tell wget
to use the 2nd field as the output name:
$ sudo apt-get update --print-uris -y | sed "s/'//g" | cut -d ' ' -f 1,2 |
while read url target; do wget $url -O ./$target; done
This will download each package list and save it in the current directory using the appropriate name. You can now copy these files over to the /var/lib/apt/lists/
directory of the target machine.
First, you should understand why hash sum mismatch errors occur. In general, there are 2 reasons:
Firstly, Some apt repositories use LZMA (.xz) compressed metadata. apt before version 1.0 fails to decompressed LZMA archives correctly (sometimes) giving the hash sum mismatch error.
There's two work arounds for this:
- Tell your apt client not to use XZ compressed metadata
- Upgrade apt on your system to a version newer than 1.0
Check out this blog post I wrote about this issue which explains both work arounds in greater detail.
Secondly, APT repositories are inherently racy. The actual APT metadata is buggy and the design of it makes it impossible for apt clients to download the repository metadata in a consistent way if the apt-get update
happens while the repository is being updated.
There's two work arounds for this:
- Upgrade to a newer version of APT and ensure that the repository you create (or want to use) supports the Acquire-by-hash feature. This fixes the issue at its core, but not be possible in some cases if you don't control the repository.
- You can delete the cached metadata on your system and try again. To do this, first run
apt-get clean
followed by rm -rf /var/lib/apt/lists/*
. Next, run apt-get update
. This will re-download all the metadata. If the repository you are trying to connect to doesn't update itself while you are running apt-get update
, you will be fine. Otherwise, you'll have to do this again.
Best Answer
This sounds like it may work, but personally, I'd just use apt-offline.
From the manpage:
apt-offline brings offline package management functionality to Debian based system. It can be used to download packages and its dependencies to be installed later on (or required to update) a disconnected machine. Packages can be downloaded from a different connected machine.
Excerpt from Debian Administration:
Using
apt-offline
:apt-offline.txt
signature file) to the office machine which could be running any linux version or even Windows.apt-offline
giving it the signature file.apt-offline
would generate you an archive file or a folder with all the data. That data can be copied on a removable media. The removable media can be attached back to the disconnected Debian box at home and installed. (e.g. "apt-offline install /tmp/apt-offline.zip
")