Mastering dpkg and apt: Precision Installation of .deb Packages on Ubuntu
Software distribution on Ubuntu relies on .deb packages—direct, flexible, but prone to classic dependency pitfalls. GUI tools conceal critical details; any engineer who’s spent time debugging why “Install Failed” knows command-line tooling (and understanding the mechanisms) is necessary for operational control.
The Landscape: dpkg vs apt
Short version: dpkg is the low-level blunt instrument; apt is the high-level orchestrator.
| Tool | Dependency Resolution | Typical Use |
|---|---|---|
| dpkg | No | Install from local file |
| apt | Yes | Install from repo, fix deps, or install .deb since Ubuntu 16.04 |
A typical workflow isn’t just about installation—it’s about minimizing the blast radius of a bad or incomplete install. Consider this failure scenario (.deb from a vendor, dependencies missing):
sudo dpkg -i google-chrome-stable_current_amd64.deb
# Output:
# dpkg: error processing package google-chrome-stable (--install):
# dependency problems - leaving unconfigured
# google-chrome-stable depends on libappindicator3-1; however:
# Package libappindicator3-1 is not installed.
Download and Placement
Always verify your source and checksum. An engineer should never run random binaries from untrusted sources.
Practical example:
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb -O ~/Downloads/chrome.deb
cd ~/Downloads
sha256sum chrome.deb # Vendor should supply a hash.
dpkg: Installation, and Its Pitfalls
Installing with dpkg:
sudo dpkg -i chrome.deb
If all dependencies are present, install completes. Otherwise, expect broken state: package partially installed, dependencies missing. System remains in this state until fixed.
dpkg -C lists half-installed (configured/partially configured) packages—often overlooked.
apt-get: Dependency Repair
To repair the dependency tree after a failed dpkg install:
sudo apt-get install -f
# -f == --fix-broken; brings in missing dependencies and configures packages left in limbo.
Note: Always run sudo apt update before this, especially on fresh installs or after adding new repos, to ensure apt can actually resolve dependencies.
Ubuntu 16.04+ : Native apt install of Local .deb
apt can now act directly on local .deb files, resolving dependencies in a single step:
sudo apt install ./chrome.deb
The path prefix (./) is non-negotiable: omitting it causes apt to search the repositories instead of your local tree.
Practical tip: If installing several .deb files (e.g., in CI), glob all at once:
sudo apt install ./package1.deb ./package2.deb
Removing Installed Packages
Cleanup is as important as installation.
sudo apt remove google-chrome-stable
# Or with dpkg:
sudo dpkg -r google-chrome-stable
apt remove triggers dependency and post-removal scripts—usually preferable unless handling edge cases (broken states beyond apt’s repair).
Verifying and Auditing
Check status:
dpkg -l | grep chrome
Detailed info before install:
dpkg -I chrome.deb
# Shows control file, version, declared dependencies.
Known Issues and Pro Tips
- Repositories and GPG keys: If dependency resolution fails due to missing repository packages, review
/etc/apt/sources.listand/etc/apt/sources.list.d/*.list. Some commercial.debpackages require you to register a repo (for dependency fetching) before installation. - Not all
.debpackages are created equal. Some omit EOL dependencies—require creative workarounds or even manual.debextraction. - Broken dependency cycles occasionally require apt’s nuclear option:
sudo apt --fix-broken install
Summary Table
| Action | Command |
|---|---|
| Install local .deb (legacy) | sudo dpkg -i package.deb |
| Fix broken/missing dependencies | sudo apt-get install -f |
| Install local .deb (+ dependencies, 16.04+) | sudo apt install ./package.deb |
| Remove package cleanly | sudo apt remove package_name |
Gap: Non-Obvious Pitfall
Some packages (notably, custom internal toolchains or older .debs) specify undeclared pre/post install hooks or break on locale settings. In these cases, inspecting the maintainer scripts (dpkg-deb -e package.deb ./tmp) can reveal “invisible” failure modes.
ASCII: dpkg and apt Dependency Loop
[package.deb] -> (dpkg -i) --X (missing deps) --> [apt-get install -f] -> (installs deps) -> done
\______________________________________________/
the critical feedback loop
Expect the unexpected. Package management is straightforward—until it isn’t. Time spent mastering these steps pays dividends as soon as you hit inevitable integration corners.
If you encounter a unique scenario or dependency failure not covered here, explore the control scripts and logs under /var/lib/dpkg/info/. Most broken installs don’t require a reinstall—just insight and the right command sequence.