Find packages installed from a certain repository with aptitude

I'm in search for something analog to this question: Zypper: How do I display all packages from a certain repository?

Since I'm on Ubuntu, I need an aptitude based solution: How can I get a list of installed packages from a certain repository?


Using aptitude, in order to look for installed packages outside of the stable branch, you can use:

aptitude search "?narrow(?installed,?not(?archive(stable)))"

To see versions as well as package-names (and instead of descriptions) you can use the command with the format option (-F for short), as follows.

aptitude search -F "%p %V %v" "?narrow(?installed,?not(?archive(stable)))"

For more formats, please take a look at the manpage (here's documentation with avail. options).

That works for example, in Debian if you installed packages outside Squeeze (by runing, for example, apt-get install -t sid package-name.

You can look where an installed package comes from via apt-cache policy, usage is as follows:

apt-cache policy <package-name>

For example, my python-numpy package renders the following output:

$ LANG=C apt-cache policy python-numpy
python-numpy:
  Installed: 1:1.6.2-1
  Candidate: 1:1.6.2-1.2
  Version table:
     1:1.7.0-1 0
          1 http://ftp.es.debian.org/debian/ experimental/main amd64 Packages
     1:1.6.2-1.2 0
        500 http://ftp.es.debian.org/debian/ sid/main amd64 Packages
 *** 1:1.6.2-1 0
        100 /var/lib/dpkg/status
     1:1.4.1-5 0
        990 http://ftp.es.debian.org/debian/ squeeze/main amd64 Packages
        990 http://ftp.de.debian.org/debian/ squeeze/main amd64 Packages

That means that I'm one version behind current sid/main's branch, so I have an old-sid version installed. I see I don't have the stable one because it is yet 1.4.1-5, and I'm currently at 1.6.2-1.

At time of submittal this package was already updated : )


After reading info page of aptitude and a dozen of attempts, I finally got this :

aptitude search '?narrow(?installed,?not(?archive(testing)) ?archive(unstable))'

or (equivalent):

aptitude search '~S ~i (!~Atesting ~Aunstable)'

It will search packages installed from unstable archives of any repository; You have to filter out packages from your default archive (testing in above example).

If you want to filter packages installed from www.debian-multimedia.org/unstable :

aptitude search '~S ~i (!~Atesting ~Aunstable ?origin("Unofficial Multimedia Packages"))'

Edit:
"Archive", "origin" etc. are deducted from the Release file of the repository, but unfortunately, not all tools can look at all those lines and they use different syntax for them. You can find those files at /var/lib/apt/lists/*Release, or just type apt-cache policy to get an overview. apt-cache changed its output format - later versions use apt_preferences style.

  • Suite: or Archive: (old name!)
    • aptitude search: ?archive(___) or ~A___
    • aptitude format: %t
    • apt_preferences: release a=___
    • Ubuntu examples: natty-backports, trusty-security, stable
  • Origin:
    • aptitude search: ?origin(___) or ~O___
    • aptitude format: n/a
    • apt_preferences: release o=___
    • Ubuntu examples: Canonical, Google, Inc., LP-PPA-dockbar-main, Ubuntu
  • all other lines
    • aptitude: n/a

Examine the origin tag (such as o=Debian) for each of your current repositories:

apt-cache policy | sed -n 's/.*o=\([^,]\+\).*/\1/p' | uniq

Then search for packages from (or not from) a particular origin:

aptitude search "?installed?origin(Debian)"
aptitude search "?installed?not(?origin(Debian))"

This is not suitable for a security audit because it relies on each repository to provide its own origin information, but it might be helpful for troubleshooting the origin of packages that are present in multiple repositories.


For completeness: On Ubuntu systems you can use Synaptic for this task, too. In the left column you can filter packages by their origin.