Linux

How to Configure sources.list on Debian 10

Debian is one of the most popular Linux distributions of all time, and now it got a new version release Debian 10 Buster. There is a lot of derivatives that came out of Debian, of which the most popular is Ubuntu.

Debian Linux distribution is widely used because of it’s core package management – APT, and it’s package format .deb. Every application, system utility or game in Debian, is distributed as a package. You can install those packages onto your system using APT (automatically or manually).

In this guide, we will briefly see new features of Debian 10, get familiar with the APT package manager, and learn how to configure it’s sources.list file on Debian 10 Buster.

Let’s see what are the new features and the most important changes.

New features of Debian 10 Buster

The most important features of new Debian 10 Buster are:

  • GNOME Desktop 3.30
  • Linux Kernel 4.19.0-5
  • OpenJDK 11.0
  • AppArmor Enabled by Default
  • Nodejs 10.15.2
  • NFtables replaces iptables
  • Support for lot of ARM 64 and ARMHF SBC Boards
  • Mailman 3
  • Bash 5.0 by Default
  • Debian implementing /usr/merge
  • Secure-boot support
  • Calameres Live-installer for Debian-Live images

What is APT manager and it’s sources.list

APT is the package manager used in Debian and its derivatives. APT stands for Advanced Package Tool and it is a set of tools for managing Debian packages, and therefore all of the applications installed on your Debian system.
APT is used to install, update or remove applications and packages.

APT is capable of resolving dependency problems and retrieving requested packages from package repositories. It delegates the actual installation and removal of packages to dpkg – low level core Debian Package tool. APT is mainly used by its command-line tools, but there are also GUI tools available.

The file /etc/apt/sources.list in Debian contains the list of the ‘sources’ from which the packages can be obtained. sources.list file can vary depending on various factors (from which medium the Debian was installed, was it updated from previous release, etc…)

This is the list we want on our system:

$ cat /etc/apt/sources.list

deb http://httpredir.debian.org/debian buster main non-free contrib
deb-src http://httpredir.debian.org/debian buster main non-free contrib

deb http://security.debian.org/debian-security buster/updates main contrib non-free
deb-src http://security.debian.org/debian-security buster/updates main contrib non-free

We will now discuss the contents of this file and it’s different sections.

Contents and sections of Debian sources.list file

The sections of sources.list file are as follows:

  • Archive type
  • Repository URL
  • Distribution
  • Component

We will now go into detail about each of these sections.

Archive type

The first entry on each line – deb or deb-src represents the type of repository archives.

deb means the repository in the URL provided contains pre-compiled packages. These are the packages installed by default when using package managers like apt-get, aptitude, synaptic, etc…
deb-src indicates source packages with Debian control file (.dsc) and the diff.gz containing the changes needed for packaging the program.

Repository URL

The next section on the entry line is an URL of the repository from where the packages will be downloaded from. You can find the main list of Debian repositories from Debian Worldwide sources.list mirrors.

Distribution

The distribution can be either the release code name / alias (jessie, stretch, buster, sid) or the release class (old stable, stable, testing, unstable) respectively. If you intend to track a release class then use the class name, if you want to track a Debian point release, use the code name.

Component

There are normally three components which can be used on Debian, namely:

  • main – This contains packages that are part of Debian distribution. These packages are DFSG compliant.
  • contrib -The packages here are DFSG compliant, but contains packages which are not in the main repository.
  • non-free – This contains software packages which do not comply with the DFSG.

As we can see in the following sources.list file on Debian 10 Buster, we want entries to have all three component types listed:

deb http://httpredir.debian.org/debian buster main non-free contrib
deb-src http://httpredir.debian.org/debian buster main non-free contrib

deb http://security.debian.org/debian-security buster/updates main contrib non-free
deb-src http://security.debian.org/debian-security buster/updates main contrib non-free

If your sources.list file differs, you will have to add contrib and non-free sections after main to have all of the packages listed. If this is the case on your system, you can edit the file /etc/apt/sources.list with nano, vim or any other editor to make changes. We will go through that in the next section of the article.

If you also need the Backports, contrib, and non-free components, add buster-backports lines. For example, for Debian 10 Buster:

deb http://deb.debian.org/debian buster-backports main contrib non-free
deb-src http://deb.debian.org/debian buster-backports main contrib non-free

You can instead use https://… in all of the above URLs to use the repositories over encrypted HTTPS connections. (Users of Debian 9 Stretch or older releases will need to install the apt-transport-https package first.)

If your sources.list contains all of the sections we can run package update using apt-get. This will ensure your apt index is synchronized. Then you can install new packages from the repository.

$ sudo apt-get update
Hit:1 http://security.debian.org/debian-security buster/updates InRelease
Hit:2 http://cdn-fastly.deb.debian.org/debian buster InRelease
Reading package lists... Done

In some cases you can get errors with repositories while updating the package lists. In that case use apt rather than apt-get. apt is preferred over apt-get for interactive use.

$ sudo apt update
$ sudo apt upgrade -y

If that doesn’t fix the issue then second option is to use –allow-releaseinfo-change

$ sudo apt-get --allow-releaseinfo-change update

Adding custom repositories

It is not always advisable to add custom and third-party repositories in the /etc/apt/sources.list file. Instead you can create a file under the /etc/apt/sources.list.d directory. For example, to install docker-ce on Debian 10 Buster from it’s upstream repository, you’ll do the following:

$ sudo vim /etc/apt/sources.list

Add the content:

deb [arch=amd64] https://download.docker.com/linux/debian buster stable

You can use a GNOME tool to edit your sources.list file. Access it through Menu → System → Administration → Software Sources.

gksu --desktop /usr/share/applications/software-properties.desktop /usr/bin/software-properties-gtk

Another way is to use the apt command used for adding third-party repositories:

$ sudo apt-get install software-properties-common

$ sudo add-apt-repository 
   "deb [arch=amd64] https://download.docker.com/linux/debian 
   $(lsb_release -cs) 
   stable"

You can then proceed to update apt-cache and install docker-ce package with apt-get. This is the recommended way to add any other third party repository.

You’ll notice this wont work because you don’t have the GPG key of the docker repository on your system. We’ll cover that next.

Importing apt keys

When working with apt and sources.list repositories, at some point you are required to import GPG keys. This is usually done using the command apt-key, with syntax:

# apt-key adv --keyserver [server-address] --recv-keys [key-id]

Or you can download the GPG key directly and install it from the current directory.
As an example, to download docker repository GPG keys, you’ll run:

$ curl -fsSL https://download.docker.com/linux/debian/gpg | sudo apt-key add -
OK

To test if the key was correctly installed run the following:

$ sudo apt-key fingerprint 0EBFCD88
pub   rsa4096 2017-02-22 [SCEA]
      9DC8 5822 9FC7 DD38 854A  E2D8 8D81 803C 0EBF CD88
uid           [ unknown] Docker Release (CE deb) 
sub   rsa4096 2017-02-22 [S]

After that you’ll run:

$ sudo apt-get update
$ sudo apt-get install docker-ce

Using Apt with Tor

If you’re concerned with privacy issues, or unsecure data transfer, you can use Tor with Debian repositories in your sources.list file. Apt can retrieve and download updates through Tor. For this to work you need to install the tor and apt-transport-tor packages. You can then use the official onion services provided by Debian.

deb tor+http://vwakviie2ienjx6t.onion/debian buster main
deb-src tor+http://vwakviie2ienjx6t.onion/debian buster main

deb tor+http://sgvtcaew4bxjd7ln.onion/debian-security buster/updates main
deb-src tor+http://sgvtcaew4bxjd7ln.onion/debian-security buster/updates main

deb tor+http://vwakviie2ienjx6t.onion/debian buster-updates main
deb-src tor+http://vwakviie2ienjx6t.onion/debian buster-updates main

Conclusion

We have seen how we can manipulate sources.list file and package repositories in Debian Linux. This is the updated article for the new Debian release – Debian 10 Buster. You should use this info safely because of manipulating sources.list file can make your system full of unstable packages and you may end up encountering many unresolved dependencies or even breaking your system.

Facebook Comments

Tags
Show More

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button