apt-get autoremove dangerous?
Solution 1:
As others mentioned, autoremove should be safe, but then again, you said that you have bad experiences, and I also remember autoremove removing some stuff that should not be removed.
It seems like autoremove can have problems with some meta-packages. Say you installed the gnome meta-package for the entire gnome-desktop (or it was installed when setting up the system), which also includes programs like evolution and lots of games, which you might want to remove, because you are using thunderbird and do not want to have those games and the like. This requires you to also remove the gnome meta-package, since it depends on all those packages. But this will make all the other packages that were installed as dependencies of gnome "auto-removeable", including e.g. gnome-shell, which you most likely want to keep if you want to continue using that desktop.
So it's always a good idea to check the packages recommended for auto-removal. If you are using a graphical package manager like synaptic, you can easily do so and uncheck the "automatically installed" flag from packages you want to keep (like gnome-shell in the above example). This will also remove all the packages those depend on from the auto-removeable list, so you might only have to "fix" a few of those, and not all.
Still, it should not remove anything that's really essential to your system, so even if you accidentally removed e.g. your desktop, you can still boot and log into your system and revert those changes using the command line.
Update: Recently, after a dist upgrade (Debian), autoremove actually removed something related to hard disc encryption (still not sure what exactly, probably related to the issue described here), causing my system to be unable to decrypt the hard disc and to boot with the latest Kernel. Luckily, it still worked with an older Kernel that was still installed and I could re-install all that was previously autoremoved, otherwise my system would have been wrecked, including my data.
I don't think there is a "undo last changes" option in apt and friends. In synaptic there is a menu option to see the last changes (File -> History; seems to just show some log files, although I could not find the logs themselves; also, I am not sure if this only lists changes made in Synaptic or also e.g. in apt etc.), so I copied the names of all the packages I autoremoved since the last successful reboot (luckily, I reboot daily) from those logs and re-installed them, then rebooted.
Solution 2:
Surprising to see no one has yet mentioned the --dry-run and equivalent options:
From apt-get's man page:
-s, --simulate, --just-print, --dry-run, --recon, --no-act
No action. Perform a simulation of events that would occur but do not actually change the system.Configuration Item: APT::Get::Simulate.
Simulate prints out a series of lines, each one representing an rpm operation: Configure (Conf), Remove (Remv), Unpack (Inst).
This option seems to work with both the apt and apt-get commands.
Example output:
sudo apt-get autoremove --dry-run
[...]
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be REMOVED:
linux-headers-5.8.0-36-generic linux-hwe-5.8-headers-5.8.0-36 linux-image-5.8.0-36-generic
linux-modules-5.8.0-36-generic linux-modules-extra-5.8.0-36-generic
0 upgraded, 0 newly installed, 5 to remove and 13 not upgraded.
Remv linux-headers-5.8.0-36-generic [5.8.0-36.40~20.04.1]
Remv linux-hwe-5.8-headers-5.8.0-36 [5.8.0-36.40~20.04.1]
Remv linux-modules-extra-5.8.0-36-generic [5.8.0-36.40~20.04.1]
Remv linux-image-5.8.0-36-generic [5.8.0-36.40~20.04.1]
Remv linux-modules-5.8.0-36-generic [5.8.0-36.40~20.04.1]
So I suggest one can run autoremove with the --dry-run option, study the output with a cool head, and decide what to do based on that.
An additional observation: if one runs autoremove regularly, then the autoremovable packages do not pile up, and thus it remains more doable to oversee and evaluate the output of each dry-run.