Home / ubuntu / Questions / 1188417
Accepted
Cheche
Asked: 2019-11-14 03:58:38 +0800 CST

Does apt-cache policy <package_name> require sudo?

  • 772

Can't find any formal explanation to determine whether apt-cache policy <package_name> command requires sudo or not.

Tested it in my machine (Ubuntu) with lots of packages and seems to work, but I'd like to know if there's an scenario where this does not work.

package-management permissions apt-cache

2 Answers

  1. Best Answer

    No, it doesn't make any changes and only grabs public details from your system (also available via http://packages.ubuntu.com/ with a browser though not as useful or machine specific as apt-cache provides) so sudo is not required.

    • 6

  2. When you run apt-cache policy <pkg>, it:

    • checks the repositories in /etc/apt/sources.list and /etc/apt/sources.list.d/*.list to get all the enabled respository addresses

    • based on the above list, gets all the packages matching the pattern from each repository packages file -- these reside in /var/lib/apt/lists/

    • it also checks /var/lib/dpkg/status to get the installation info for the package

    It also does some other stuff but not important to go into the details of those.

    Now, all it needs is the user has:

    • read-execute permissions for the directories (starting from root leading to it, including all subdirectories)
    • read permission on the relevant files

    all the directories mentioned have read-execute by default for others with files having read for others.

    As a result, on a default installation of Ubuntu, any user would be able to run apt-cache policy <pkg> without needing any special privilege.

    FWIW the binary apt-cache itself has the permission 0755, so is executable by anyone.

    • 3