How to automatically control APT cache

Keeping an eye on the APT cache on constantly changing operating systems can be quite tedious. You can perform maintenance from time to time by hand on a single server, but it does not scale well to multiple servers. It is better to automate this task and free up your time to focus on other projects.

System service

APT cache is automatically managed by the apt-daily systemd service.

$ systemctl status apt-daily.service
● apt-daily.service - Daily apt download activities
   Loaded: loaded (/lib/systemd/system/apt-daily.service; static; vendor preset: enabled)
   Active: inactive (dead) since Thu 2017-09-14 16:25:57 CDT; 53s ago
     Docs: man:apt(8)
  Process: 317 ExecStart=/usr/lib/apt/apt.systemd.daily update (code=exited, status=0/SUCCESS)
 Main PID: 317 (code=exited, status=0/SUCCESS)

This simple service executes /usr/lib/apt/apt.systemd.daily shell script.

$ cat /lib/systemd/system/apt-daily.service 
Description=Daily apt download activities

ExecStart=/usr/lib/apt/apt.systemd.daily update

Service is using timer-based activation.

$ systemctl status apt-daily.timer 
● apt-daily.timer - Daily apt download activities
   Loaded: loaded (/lib/systemd/system/apt-daily.timer; enabled; vendor preset: enabled)
   Active: active (waiting) since Thu 2017-09-14 16:25:54 CDT; 36s ago

It is executed twice a day. Randomly between 06:00-18:00 and 18:00-06:00.

$ cat /lib/systemd/system/apt-daily.timer 
Description=Daily apt download activities

OnCalendar=*-*-* 6,18:00


Inspect this timer thoroughly.

$ systemctl list-timers apt-daily.timer
NEXT                         LEFT     LAST                         PASSED       UNIT            ACTIVATES
Fri 2017-09-15 05:00:39 CDT  11h left Thu 2017-09-14 16:25:54 CDT  1h 10min ago apt-daily.timer apt-daily.service

1 timers listed.
Pass --all to see loaded but inactive timers, too.

Inspect APT cache configuration

Check out the current APT cache configuration using the following command.

$ apt-config dump | grep "^Dir\( \|::Ca\)"
Dir "/";
Dir::Cache "var/cache/apt";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Cache::Backup "backup/";

Backup APT cache

Perform backup every 7 days using /var/cache/apt/backup/ directory and keep the last 3 backups.

$ echo -e 'APT::Periodic::BackupArchiveInterval "7";\nAPT::Periodic::BackupLevel "3";\nDir::Cache::Backup "backup/";' |  sudo tee /etc/apt/apt.conf.d/99_periodic_backup
APT::Periodic::BackupArchiveInterval "7";
APT::Periodic::BackupLevel "3";
Dir::Cache::Backup "backup/";

These backups will be stored using numbered sub-directories, where the smallest number determines the latest one. Number of the used sub-directories depends on the BackupLevel configuration option - the value 3 will rotate backups using directories 0, 1 and 2.

$ ls /var/cache/apt/backup/
0  1  2

Backups are created using hard links to reduce the amount of used disk space.

$ tree --inodes /var/cache/apt/backup/0/
├── [ 917868]  lock
├── [ 917929]  partial [error opening dir]
├── [ 918040]  vim_2%3a8.0.0197-4_amd64.deb
└── [ 917586]  vim-runtime_2%3a8.0.0197-4_all.deb

1 directory, 3 files
$ tree --inodes /var/cache/apt/archives/
├── [ 917868]  lock
├── [ 917513]  partial [error opening dir]
├── [ 918729]  tree_1.7.0-5_amd64.deb
├── [ 918040]  vim_2%3a8.0.0197-4_amd64.deb
└── [ 917586]  vim-runtime_2%3a8.0.0197-4_all.deb

Remove packages from APT cache depending on their age

Remove packages from APT cache created before 14 days (14*24 hours ago).

$ echo -e 'APT::Periodic::MaxAge "14";' |  sudo tee /etc/apt/apt.conf.d/99_periodic_autoclean
APT::Periodic::MaxAge "14";

Remove packages from APT cache depending on the used disk space

Remove oldest packages from APT cache when the cache size exceeds 1024 MB, but skip packages downloaded at least 2 days ago (2*24 hours ago).

$ echo -e 'APT::Periodic::MaxSize "1024";\nAPT::Periodic::MinAge "2";' |  sudo tee /etc/apt/apt.conf.d/99_periodic_autoclean
APT::Periodic::MaxSize "1024";
APT::Periodic::MinAge "2";

Remove outdated packages from APT cache every n-days

Perform apt-get autoclean every 10 days.

$ echo -e 'APT::Periodic::AutocleanInterval "10";' |  sudo tee /etc/apt/apt.conf.d/99_periodic_autoclean
APT::Periodic::AutocleanInterval "10";

Remove every package from APT cache every n-days

Perform apt-get clean every 10 days.

$ echo -e 'APT::Periodic::CleanInterval "10";' |  sudo tee /etc/apt/apt.conf.d/99_periodic_autoclean
APT::Periodic::CleanInterval "10";

Disable automatic APT cache management

Disable automatic APT cache management regardless of the systemd service status.

$ echo -e 'APT::Periodic::Enable "0";' |  sudo tee /etc/apt/apt.conf.d/10_periodic_disable
APT::Periodic::Enable "0";

Additional information

Enable verbose mode output debug information. These will be send by systemd to the root user.

$ echo -e 'APT::Periodic::Verbose "1";' |  sudo tee /etc/apt/apt.conf.d/10_periodic_verbose
APT::Periodic::Verbose "1";

Possible values are:

  • 0 - disable report mail
  • 1 - include progress report
  • 2 - include command outputs
  • 3 - trace output

Execute regular maintenance tasks by hand.

$ sudo /usr/lib/apt/apt.systemd.daily lock_is_held

If you need to remove timestamp files to force execution, inspect the following directory.

$ ls /var/lib/apt/periodic/