Is there a situation where a newly-added repository would need to install "dependency" packages before being asked to install anything new?
I just came across the following situation:
While my system was up-to-date, I added the Certbot repository (http://ppa.launchpad.net/certbot/certbot/ubuntu), and after running an update, nine packages were reported to be upgradable. I tried to do an upgrade and got the following:
$ sudo aptitude safe-upgrade
Resolving dependencies...
The following NEW packages will be installed:
python3-certifi{a} python3-idna{a}
The following packages will be upgraded:
python-chardet python-pkg-resources python-six python3-chardet python3-configobj python3-pkg-resources python3-requests python3-six python3-urllib3
9 packages upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 906 kB of archives. After unpacking 1,183 kB will be used.
I can understand packages being upgraded: the new repository has newer versions of packages already installed on my system, so they're marked for upgrade. But why is it trying to install new packages? The packages in question certainly seem relevant to the software on the repository, but why would they be installed automatically?
If they are a dependency for something on my system, how was it working before? How can I investigate exactly what's going on?
UPDATE
I checked the reverse dependencies with apt-cache
; e.g.,
$ sudo apt-cache rdepends python3-certifi
python3-certifi
Reverse Depends:
python3-requests
With the Certbot repository disabled, I get
$ apt-cache depends python3-requests
python3-requests
Depends: python3-urllib3
Depends: <python3:any>
python3:i386
python3
Depends: ca-certificates
Depends: python3-chardet
Depends: python3-urllib3
and when I enable it, I get
$ apt-cache depends python3-requests
python3-requests
Depends: python3-certifi
Depends: python3-chardet
Depends: python3-idna
Depends: python3-urllib3
Depends: <python3:any>
python3:i386
python3
Depends: ca-certificates
Depends: python3-urllib3
So, I guess, the real question becomes: are package dependencies a function of available packages/repositories? I thought dependencies should be fixed: a package either requires another package to work (whether it is available to you or not) or it doesn't (in which case, it's not really a dependency).
System:
- Kubuntu 16.04
- Kernel 4.13.0-45-generic #50~16.04.1-Ubuntu 64-bit
You have already answered your question: PPA have newer versions of already installed packages, so after adding PPA and running
apt-get update
APT sees that newer versions are available and lists some packages as having updates.You can get details by running
apt-cache policy
:and check their origin (see Version table).
Also you can check from where two new packages will be installed and why they will be installed (check with
apt-cache rdepends
):You can consult
man apt-cache
for details.Using the commands suggested by N0rbert and with some help from the good people at the OFTC #debian IRC channel, I traced it back through the packages and figured out why this happened, which is probably the most likely scenario when seeing unexplained new packages automatically installed:
The newly-added repository contained a newer version of an existing package, which was marked for upgrade. The new version of the upgraded package had a new dependency (that the older version didn't have), so the new dependency was marked for automatic installation.
For example, the upgraded version of the existing package
python3-requests
haspython3-certifi
as a new dependency, so the latter was marked for installation.It was my fault that I originally missed the fact that the reverse dependency of
python3-certifi
(python3-requests
) was one of the packages being upgraded.