How do I find out which repository a package comes from?

Question

Is there a method or command which can tell from which repository a package is coming from?

Answer 1

Use following command. It has better output:

apt policy <Package Name>

Before Ubuntu 16.04 the command was:

apt-cache policy <Package Name>

Answer 2

Edit:

Check out SuB's answer. Looks a bit simpler!

Original:

Commands Needed:

• dpkg -s <package> - allows you to find the version of that you have installed. (source)
• apt-cache showpkg <package> - will show a list of Versions of the package available. For each version, the source of the package, in the form of an index file name, will be given.

If you want to find the source of the package that's currently installed, you'll need the output of dpkg -s <package>. Otherwise, you can simply look at the newest version output by apt-cache showpkg <package>.

Example:

$ dpkg -s liferea
Package: liferea
Status: install ok installed
Priority: optional
Section: web
Installed-Size: 760
Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
Architecture: i386
Version: 1.6.2-1ubuntu6
...
$ apt-cache showpkg liferea
Package: liferea
Versions: 
1.6.2-1ubuntu6.1 (/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid-updates_main_binary-i386_Packages)
 Description Language: 
                 File: /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid-updates_main_binary-i386_Packages
                  MD5: 557b0b803b7ed864e6d14df4b02e3d26
1.6.2-1ubuntu6 (/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid_main_binary-i386_Packages) (/var/lib/dpkg/status)
 Description Language: 
                 File: /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid_main_binary-i386_Packages
                  MD5: 557b0b803b7ed864e6d14df4b02e3d26
...

From the first command, I can see that Liferea version 1.6.2-1ubuntu6 is installed. From the second command, I can see that that version is listed in /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid_main_binary-i386_Packages.

Without too much effort, I can deduce that the source line contains archive.ubuntu.com, ubuntu, lucid, and main.

And, sure enough, my /etc/apt/sources.list contains the following line.

deb http://archive.ubuntu.com/ubuntu lucid main universe restricted multiverse

Answer 3

apt on Ubuntu 16.04+

Beside apt-cache policy, showpkg and show, now we have a more simple, with easy to remember subcommands: apt^{[1] [2]} (don't get confused with classic apt-*):

apt policy <package> 

Or the alternative with more info apt show <package>, line starting with "APT-Sources:".

Description: This package provides command line tools for searching and managing as well as querying information about packages as low-level access to all features of the libapt-pkg library. This includes:apt-get, apt-cache, apt-cdrom, apt-config, apt-key.

Warning: apt does not have a stable CLI interface. Use with caution in scripts.

Basic commands from apt --help

Other also easy to remember subcommands:

• apt list – list packages based on package names

• apt search – search in package descriptions

• apt show – show package details

• apt update – update list of available packages

• apt install – install packages

• apt remove – remove packages

• apt purge – remove packages and configuration files:

  Removing a package removes all packaged data, but leaves usually small (modified) user configuration files behind, in case the remove was an accident. Just issuing an installation request for the accidentally removed package will restore its function as before in that case. On the other hand you can get rid of these leftovers by calling purge even on already removed packages. Note that this does not affect any data or configuration stored in your home directory.

  To remove residual packages:

  sudo apt purge $(dpkg -l | grep "^rc" | awk '{print $2}')
  

• apt upgrade – upgrade the system by installing/upgrading packages

• apt full-upgrade – upgrade the system by removing/installing/upgrading packages

• apt edit-sources – edit the source information file

Answer 4

Sadly, this information is not recorded during package installation. You can make a decent guess if the repository is still in the source list and the repository still has the package:

grep -l PKG /var/lib/apt/lists/*

Even synaptic cannot tell if you disable the repository and update.

Answer 5

sudo grep *packagename* /var/lib/apt/lists/* | grep "Filename:"

source

Answer 6

I had a similar usecase, where I needed to find out, which packages came from the Icinga Repository (and not the main Debian repos). However, I didn't want to script around the output of apt policy.

Instead I searched for the Origin of the packages. In this case it was "icinga-bookworm" according to the sources.list entry:

deb (..) https://packages.icinga.com/debian icinga-bookworm main

With that information I was able to search like this:

apt list "?origin(icinga-bookworm)"

Or only installed packages:

apt list "?and(?origin(icinga-bookworm), ?installed)"

The same works with aptitude search, if you prefer aptitude. (https://www.debian.org/doc/manuals/aptitude/ch02s04s05.en.html#searchTermReferenceList)

Answer 7

Another useful command is "apt-cache policy". It will show something like this:

$ apt-cache policy 
Package files: 
 # The default https://wiki.debian.org/DebianStable repository with a priority of 500
 500 https://deb.debian.org/debian stable/main amd64 Packages
     o=Debian,n=stable,l=Debian,c=main,b=amd64
     origin deb.debian.org
The repository for Debian https://wiki.debian.org/PointReleases (security and grave bug fixes ~every 2 months)
500 https://deb.debian.org/debian stable-updates/main amd64 Packages
     release o=Debian,a=oldstable-updates,n=stable-updates,l=Debian,c=main,b=amd64
     origin deb.debian.org

Ref: https://wiki.debian.org/AptConfiguration

Answer 8

When upgrading from one ubuntu version to the next one, I like to use the opportunity to do some spring cleaning.

This is a combination of the above answers.

To generate a filterable list from which repositories a package was installed we can use apt policy and remove the newlines:

dpkg -l | grep "ii" | awk '{print $2}' | xargs -n 1 -IX sh -c "apt policy X 2>/dev/null | tr '\n' ' ' | sed -e 's/$/\n/'" | tee all_packages.txt

Then we can inspect the all_packages.txt file and filter for packages which are not from the ubuntu repositories.

cat all_packages.txt | grep -v "ubuntu.com"

We can now inspect this list and decide which ones to remove and which ones to keep.

To only get the package names we can use:

cat all_packages.txt | grep -v "ubuntu.com" | sed 's/:.*//g'

Answer 9

#!/usr/bin/env bash

# List of packages to check
packages=(
    package_name package_name package_name
    package_name package_name package_name
)

# File to store the list of unavailable packages
unavailable_packages_file="unavailable_packages.txt"

# Clear or create the file
> "$unavailable_packages_file"

clear
printf "%s\n\n" 'Testing the packages please be patient...'
# Check each package with apt-cache
for pkg in "${packages[@]}"
do
    if ! apt-cache show "$pkg" > /dev/null 2>&1; then
        echo "$pkg" | tee -a "$unavailable_packages_file"
    fi
done

clear

# Check if the file has content and display the result
if [ -s "$unavailable_packages_file" ]; then
    printf "%s\n\n" "The following packages are not available in the APT repositories:"
    cat "$unavailable_packages_file"
    printf "\n%s\n\n" "A list of the missing packages has been saved in the current directory."
else
    printf "%s\n\n" "All packages are available in the APT repositories."
fi