From where does "apt-get install package_name" download packages?

Question

When I run this apt-get install package_name in SSH, the package is installed, but from which site?

I know in ruby when you run gem intall xxx, the gem is downloaded from rubygems.org. Not that long ago, the site was hacked and the hackers installed a payload in 1 gem. It is possible to find the gems at github and see what is going on. Rubygems also have a status.rubygems.org. Is there any similar for debian packages?

I am asking which offical site are the packages downloaded from? Ubuntu server 10.04 — Rails beginner, Feb 06 '13 at 15:52
I think they are downloaded from http://www.debian.org/distrib/packages — Rails beginner, Feb 06 '13 at 15:53
Does this answer your question? Where does apt-get install get packages from? — karel, Dec 17 '21 at 10:22
This question is older than the question listed as being duplicated. I vote to leave this one open. — C.S.Cameron, Dec 17 '21 at 16:57

score 4 · Accepted Answer · answered Feb 06 '13 at 16:14

4

Type:

apt-cache policy package_name

And it'll tell you. On Ubuntu, it's usually archive.ubuntu.com, but you may have other sources set up.

answered Feb 06 '13 at 16:14

Robie Basak

15,670

People manage this packages at: https://launchpad.net/ubuntu? – Rails beginner Feb 06 '13 at 16:23

score 2 · Answer 2 · answered Feb 06 '13 at 15:58

cat /etc/apt/sources.list
cat /etc/apt/sources.d/*

should show you the repos used. I don't know how rubygems.org was protected but here is some useful pieces of advice on apt: http://wiki.debian.org/SecureApt it's for debian but it also applies to Ubuntu which uses the same packet manager.

From where does "apt-get install package_name" download packages?

2 Answers2