Translation(s): English - Español - Français - Italiano - Português (Brasil) - Русский

Introduction

Apt downloads packages from one or more software repositories (sometimes called suites, distributions, versions, or even sources) and installs them onto your computer.

A repository, for example such as the official DebianStable repository, is generally accessed from a server on the internet. Local directories or CDs/DVDs can also be used.

The specific repositories (package sources) configured on your machine affect:

• What software packages are available for download
• What versions of packages are available

Commonly used APT sources

• DebianStable: official Debian repository for the current release

• StableProposedUpdates: official Debian repository for upcoming point releases (security and important bug fixes every ~2 months)

• StableUpdates: official Debian repository for changes that cannot wait for the next point release, packages are also added to StableProposedUpdates for inclusion in the next point release

• DebianSecurity: official Debian repository for frequent security updates

• DebianBackports: more recent versions of some packages, compatible with DebianStable.

• DebianTesting: current development state of the next stable Debian distribution

• DebianUnstable: rolling development version containing the latest packages

• DebianExperimental: development version containing the experimental/alpha/beta/untested packages

Using APT sources

Precautions

Being able to change the sources used by your package management system is a powerful feature but this power comes with some risk. Users are cautioned that it is possible to break your system (in a way that could be difficult or impossible to cleanly fix) by adding third-party repositories, or repositories for a Debian version that does not match your current version - these repository create a risk of conflicting package versions, creating what's sometimes called a "Franken-Debian" system. The whole concept behind a Debian stable release is that the Debian developers have picked a set of software and their versions that function nicely together. While this software is patched to fix security issues, the software is frequently not the latest version. It takes some experience to know how the packages may be changed without risk of breaking your system. Users of all levels are advised to change package sources cautiously.

Using a graphical program

Some programs allow configuring Apt sources through a graphical interface. For example:

• Applications menu > Settings > Software and updates (software-properties-gtk package)

Using a text editor

The main APT sources configuration file is /etc/apt/sources.list.d/debian.sources. You can edit this file (as root) using your favorite text editor. See the sources.list(5) manual page for more information.

To add additional sources, it is best to create separate files (whose name should end in .sources in /etc/apt/sources.list.d/ in DEB822 source . See the deb822(5) manual page.

APT sources format

debian.sources format

This is now the recommended format since DebianTrixie (see https://www.debian.org/releases/trixie/release-notes/upgrading.en.html#start-from-pure-debian.

sources.list format

Before DebianTrixie APT sources were usually configured in /etc/apt/sources.list which uses a less readable format. This file is still supported, but is likely to be deprecated in a future Debian release. The new format can be used from (at least) DebianBullseye.

The entries in this file normally follow this format:

deb https://site.example.com/debian distribution component1 component2 component3
deb-src https://site.example.com/debian distribution component1 component2 component3

Details of the old sources.list format

Archive type

The first word on each line, deb or deb-src, indicates the type of archive. Deb indicates that the archive contains binary packages (deb), the pre-compiled packages that we normally use. Deb-src indicates source packages, which are the original program sources plus the Debian control file (.dsc) and the diff.gz containing the changes needed for packaging the program.

Repository URL

The next entry on the line is a URL to the repository that you want to download the packages from. The main list of Debian repository mirrors is located here.

Distribution

The 'distribution' can be either the release code name / alias (such as bookworm, sid, etc) or an alias such as oldoldstable, oldstable, stable, testing or unstable. You should avoid using aliases such as stable in your sources.list as that results in nasty surprises and broken systems when the next stable release is made: upgrading to a new stable release should be a deliberate, careful action and editing a file once every two years is not a burden.

For example, if you always want to help test the testing release, use 'testing'. If you are tracking forky and want to stay with it from testing to end of life, use 'forky'.

Component

main consists of DFSG-compliant packages, which do not rely on software outside this area to operate. These are the only packages considered part of the Debian distribution.

contrib packages contain DFSG-compliant software, but have dependencies not in main (possibly packaged for Debian in non-free). Note: In this component, the package contents after installation may be considered non-free and with a non-free license, but the package contents in the distribution repository would be DFSG compliant and, as mentioned, may get dependency contained in non-free.

non-free contains software that does not comply with the DFSG.

non-free-firmware provides firmware that is needed by some hardware, but does not comply with the DFSG.

Examples

Just as a reminder, you can find an example of a working configuration with all suites and components enabled in /usr/share/doc/apt/examples/debian.sources or ../sources.list (until Bookworm).

debian.sources

Here is an example of a deb822 style debian.sources which you will find under /etc/apt/sources.list.d/debian.sources since DebianTrixie.

Types: deb deb-src
URIs: https://deb.debian.org/debian
Suites: bookworm bookworm-updates
Components: main non-free-firmware
Enabled: yes
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

Types: deb deb-src
URIs: https://security.debian.org/debian-security
Suites: bookworm-security
Components: main non-free-firmware
Enabled: yes
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

sources.list for stable

Below is an example of a sources.list for Debian 12/Bookworm (stable) released 10th June 2023.

deb https://deb.debian.org/debian bookworm main non-free-firmware
deb-src https://deb.debian.org/debian bookworm main non-free-firmware

deb https://security.debian.org/debian-security bookworm-security main non-free-firmware
deb-src https://security.debian.org/debian-security bookworm-security main non-free-firmware

deb https://deb.debian.org/debian bookworm-updates main non-free-firmware
deb-src https://deb.debian.org/debian bookworm-updates main non-free-firmware

If you need the contrib, non-free and non-free-firmware components, add contrib non-free non-free-firmware after main. For example, for Debian 12/Bookworm:

Types: deb deb-src
URIs: https://deb.debian.org/debian
Suites: bookworm bookworm-updates
Components: main contrib non-free non-free-firmware
Enabled: yes
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

Types: deb deb-src
URIs: https://security.debian.org/debian-security
Suites: bookworm-security
Components: main contrib non-free non-free-firmware
Enabled: yes
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

The equivalent entry as sources.list including the non-free and non-free-firmware components:

deb https://deb.debian.org/debian bookworm main contrib non-free non-free-firmware
deb-src https://deb.debian.org/debian bookworm main contrib non-free non-free-firmware

deb https://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
deb-src https://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware

deb https://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware
deb-src https://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware

If you need the Backports, contrib, and non-free components, add bookworm-backports lines. For example, for Debian 12/Bookworm:

Types: deb deb-src
URIs: https://deb.debian.org/debian
Suites: bookworm bookworm-updates bookworm-backports
Components: main contrib non-free non-free-firmware
Enabled: yes
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

Types: deb deb-src
URIs: https://security.debian.org/debian-security
Suites: bookworm-security
Components: main contrib non-free non-free-firmware
Enabled: yes
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

The equivalent entry as sources.list including the non-free non-free-firmware and bookworm-backports component:

deb https://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware
deb-src https://deb.debian.org/debian bookworm-backports main contrib non-free non-free-firmware

Below is an example of a sources.list for Debian 11/Bullseye (oldstable).

deb https://deb.debian.org/debian bullseye main
deb-src https://deb.debian.org/debian bullseye main

deb https://deb.debian.org/debian-security/ bullseye-security main
deb-src https://deb.debian.org/debian-security/ bullseye-security main

deb https://deb.debian.org/debian bullseye-updates main
deb-src https://deb.debian.org/debian bullseye-updates main

If you need the contrib and non-free components, add contrib non-free after main. For example, for Debian 11/Bullseye:

deb https://deb.debian.org/debian bullseye main contrib non-free
deb-src https://deb.debian.org/debian bullseye main contrib non-free

deb https://deb.debian.org/debian-security/ bullseye-security main contrib non-free
deb-src https://deb.debian.org/debian-security/ bullseye-security main contrib non-free

deb https://deb.debian.org/debian bullseye-updates main contrib non-free
deb-src https://deb.debian.org/debian bullseye-updates main contrib non-free

If you need the Backports, contrib, and non-free components, add bullseye-backports lines. For example, for Debian 11/Bullseye:

deb https://deb.debian.org/debian bullseye-backports main contrib non-free
deb-src https://deb.debian.org/debian bullseye-backports main contrib non-free

Questions about the support cycle? Click here

Unstable

If you need the Debian Unstable, then change the distribution to unstable. Note that Updates and Security is not used since Unstable is a rolling development version consisting of the latest packages. That is, unstable main will be the only entry in sources.list.

Debian Unstable sources in the new (preferred) deb822 format (containing both contrib and non-free, non-free-firmware):

URIs: https://ftp.debian.org/debian/
Suites: sid
Components: contrib  main non-free non-free-firmware
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg

Old sources.list approach:

deb https://deb.debian.org/debian/ unstable main
deb-src https://deb.debian.org/debian/ unstable main

Old sources.list can be modernized by running apt modernize-sources with no parameters. Though you can supply [ --assume-yes | --assume-no ] to auto-accept or deny the prompt.
This does not result in old lists becoming lost, they're just moved to a sources.list.bak file which disables them.
You can use a GNOME tool to edit your sources.list file. Access it through Menu → System → Administration → Software Sources.

Using Tor with Apt

Apt can retrieve and download updates through Tor. For this to work you need to install the tor and apt-transport-tor packages. You can then use the official onion services provided by Debian.

Here is an example sources.list using the onion services for Debian 11/Bullseye:

deb tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bullseye main
deb-src tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bullseye main

deb tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/
debian-security bullseye-security main
deb-src tor+http://5ajw6aqf3ep7sijnscdzw77t7xq4xjpsy335yb2wiwgouo7yfxtjlmid.onion/
debian-security bullseye-security main

deb tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bullseye-updates main
deb-src tor+http://2s4yqjx5ul6okpp3f2gaunr2syex5jgbfpfvhxxbbjwnrsvbk5v3qbid.onion/debian bullseye-updates main

CD-ROM

If you'd rather use your CD-ROM for installing packages or updating your system automatically with APT, you can put it in your /etc/apt/sources.list. To do so, you can use the apt-cdrom program like this:

# apt-cdrom add

with the Debian CD-ROM in the drive.

You can use -d for the directory of the CD-ROM mount point or add a non-CD mount point (i.e. a USB keydrive).

Name Resolution

On occasion name resolution can break.

# apt update
0% [Working]Unsupported socketcall: 20
Unsupported socketcall: 20
Unsupported socketcall: 20
Unsupported socketcall: 20
Unsupported socketcall: 20
Unsupported socketcall: 20
Unsupported socketcall: 20
Unsupported socketcall: 20
Err:1 https://deb.debian.org/debian testing InRelease
  Temporary failure resolving 'deb.debian.org'
Reading package lists... Done
W: Failed to fetch https://deb.debian.org/debian/dists/testing/InRelease  Temporary failure resolving 'deb.debian.org'
W: Some index files failed to download. They have been ignored, or old ones used instead.

You can temporarily work around it by obtaining the IP address from another machine, and then using the IP address rather than the URI:

echo "deb https://128.30.2.26/debian testing main" > /etc/apt/sources.list

apt update
Get:1 https://128.30.2.26/debian testing InRelease [232 kB]
Get:2 https://128.30.2.26/debian testing/main s390x Packages [7583 kB]
Get:3 https://128.30.2.26/debian testing/main Translation-en [5134 kB]    
Fetched 13.0 MB in 32s (403 kB/s)                                              
Reading package lists... Done

Debug Symbol Packages

To debug a crash you often need the related debug symbol files. For most Debian packages these are in dbgsym packages. These are available from a separate archive.

Here is an example entry for your sources.list for Debian 12/Bookworm dbgsym packages:

deb https://deb.debian.org/debian-debug/ bookworm-debug main

And an example for Debian 11/Bullseye:

deb https://deb.debian.org/debian-debug/ bullseye-debug main

The same if you running testing:

deb https://deb.debian.org/debian-debug/ testing-debug main

And one more example if you are using the unstable distribution:

deb https://deb.debian.org/debian-debug/ unstable-debug main

More information

• A list of UnofficialRepositories to get extra software ( Skype, Opera, Google )

• About deb.debian.org, a service that aims to solve the problem of choosing a Debian mirror.

• Adding source lists, including cds, using apt-setup

• APT HOWTO

• AptCLI

• AptPreferences

• Backports

• Debian on CDs

• DebianRepository/UseThirdParty - Instructions to use to a third-party repository

• sources.list(5) manual page

CategoryPackageManagement