Ubuntu Server 18.04 – Installing and removing software

How to Create MySQL Users Accounts and Grant Privileges

With the differences between Snaps and Debian packages out of the way, let’s work through some examples of how to actually manage the software on our server. We’ll look at commands to search for available packages, and then we’ll install them and remove them.

Before we begin, we will want to research a bit regarding the application we want to install. In Ubuntu, there are multiple ways of installing software, so the best way to find out how to get started is by simply checking the documentation on the website for the application we want to install. Typically, a Google search will do (just make sure you check the domain and are on the correct site). Most software will have installation instructions for various platforms, including Ubuntu. Most of the time, it will just tell you to download the Debian package format via the apt install command. Other times, the software may have a Snap available, or even a PPA repository available (we’ll discuss PPA repositories later on in this chapter).

Let’s start our package management journey by taking a look at the apt commands that are used to install Debian packages. We’ve been using this tool for a while, but now we’ll actually have some formal discussion about it. The apt install command is just one tool in a set of tools known as APT. APT, or Advanced Package Tool, is a suite of tools that allows us to install, remove, and update Debian packages. There are various sub-commands that make up this suite, which we’ll go over now.

As you’ve seen throughout the tutorial, we can use apt along with the install keyword and then a package name in order to install a new package on your system. For example, the following command will install the openssh-server package:

sudo apt install openssh-server 

You can also install multiple packages at a time by separating each with a space, instead of installing each package one at a time. The following example will install three different packages:

sudo apt install <package1> <package2> <package3> 
In some tutorials, blogs, and articles, you may see longer versions of apt commands such as apt-get install instead of just apt install. Being able to shorten commands such as apt-get install to apt install is a relatively new feature of apt in Debian and Ubuntu. Both methods are perfectly valid, but simplifying APT commands down to just apt is preferred going forward.

So, what actually happens when you install a Debian package onto a Ubuntu system? If you’ve run through the process before, you’re probably accustomed to this process already. But, typically, the process begins with apt calculating dependencies. The majority of packages require other packages in which to function, so apt will check to ensure that the package you’re requesting is available, and that its dependencies are available as well. First, you’ll see a summary of the changes that apt wants to make to your server. In the case of installing the apache2 package on an unconfigured Ubuntu Server, I see the following output on my system when I start to install it:

sudo apt-get install apache2
Installing Apache on a sample server

Even though I only asked for apache2, apt informs me that it also needs to install apache2-bin, apache2-data, apache2-utils, and libapr1 (and others) in order to satisfy the dependencies for the apache2 package. Apt also suggests that I install www-browser, apache2-doc, apache2-suexec-pristine, and a few others, though those are optional and are not required. You can install the suggested packages by adding the --install-suggests option to the apt install command, but that isn’t always a good idea as it may install a large number of packages that you may not need. You can, of course, cherry-pick the suggested packages individually.

Most of the time, though, you probably won’t want to do this; it’s usually better to keep your installed packages to a lean minimum and install only the packages you need. As we’ll discuss in Chapter 15, Securing Your Server, the fewer packages you install, the smaller the attack surface of your server.

Another option that is common with installing packages via apt is the -y option, which assumes yes to the confirmation prompt where you choose if you want to continue or not. For example, my previous example output included the line Do you want to continue? [Y/n]. If we used -y, the command would have proceeded to install the package without any confirmation. This can be useful for administrators in a hurry, though I personally don’t see the need for this unless you are scripting your package installations.

Another neat default in Ubuntu Server is that it automatically configures most packages to have their daemons start up and also be enabled so that they start with each boot. This may seem like a no-brainer, but not everyone prefers this automation. As I’ve mentioned, the more packages installed on your server, the higher the attack surface, but running daemons are each a method of entry for miscreants should there be a security vulnerability. Therefore, some distributions don’t enable and start daemons automatically when you install packages. The way I see it, though, you should only install packages you actually intend to use, so it stands to reason that if you go to the trouble of manually installing a package such as Apache, you probably want to start using it.

When you install a package with the apt keyword, it searches its local database for the package you named. If it doesn’t find it, it will throw up an error. Sometimes, this error may be because the package isn’t available or perhaps the version that apt wants to install no longer exists. Ubuntu’s repositories move very fast. New versions of packages are added almost daily. When a new version of a package is added, its older equivalent may be removed. For this reason, it’s recommended that you update your package sources from time to time. Doing so is easy using the following command:

sudo apt update 

This command doesn’t actually update any packages, it merely checks in with your local mirror to see if any packages have been added or removed and updates your local index. This command is useful because installations of packages can fail if your sources aren’t up to date. In most cases, the symptom will either be the package isn’t found or apt bails out of the process when it encounters a package it’s looking for but cannot find.

Removing packages is also very easy and follows a very similar syntax; you would only need to replace the keyword install with remove:

sudo apt remove <package> 

And, just like with the install option, you can remove multiple packages at the same time as well. The following example will remove three packages:

sudo apt remove <package1> <package2> <package3> 

If you’d like to not only remove a package but also wipe out its configuration, you can use the --purge option. This will not only remove the package, but wipe out its configuration directory (applications typically store their configuration files in a sub-directory of /etc):

sudo apt remove --purge <package> 

So, that concludes the basics of managing Debian packages with apt. Now, let’s move on to managing Snaps. To manage Snap packages, we use the snap command. The snap command features several options we can use to search for, install, and remove Snap packages from our server or workstation. To begin, we can use the snap find command to display a list of Snap packages available to us:

snap find <package> 

Basically, you just simply type the snap find command along with a search term to look for. One example could be the nmap application, which is a useful tool to have if we’re managing a network:

snap find nmap 

In the case of nmap, this utility is available in Ubuntu’s default repositories, so you don’t need to use the Snap package to install it. Typically, though, the Snap version will be newer and have more features than what is available in the APT repositories. If we wish to install the Snap version, we can use the following command to do so:

sudo snap install nmap 

Now, if we check the location of nmap with the which nmap command, we see that the Snap version of nmap is run from a special place:

which nmap 
Checking the location of the nmap binary

Now, when we run nmap, we’re actually running it from /snap/bin/nmap. If we also have the nmap utility installed from Ubuntu’s APT repositories, then we can run either one at any time, since Snap packages are independent of the APT packages. If we wish to run Ubuntu’s version, we simply run it from /usr/bin/nmap.

Removing an installed Snap package is easy. We simply use the remove option:

sudo snap remove nmap 

If we issue that command, then nmap (or whichever Snap package we designate) is removed from the system.

To update a package, we use the refresh option:

sudo snap refresh nmap 

With that command, the package will be updated to the newest version available. Going even further, we can attempt to update every Snap on our server with the same command (without specifying a package):

sudo snap refresh 

As you can see, managing Snap packages is fairly straightforward. Using the snap suite of commands, we can install, update, or remove packages from our server or workstation. The snap find command allows us to find new Snap packages to install. Unfortunately, there aren’t very many packages available for us to work with just yet, but, as the technology advances and evolves, I’m sure many great applications will be available via this method. By the time this tutorial is released, I’m sure the number of Snap packages will have already grown.

Comments are closed.