Installing software with a package manager

Key takeaways On Linux you do not hunt the web for installers. A package manager fetches software for you from trusted repositories — signed collections of programs — and works out the dependencies each one needs. You name the software, run one command (with sudo), and it is installed, ready to update or remove cleanly later. This is safer and simpler than downloading random files, and it is how you will set up almost everything on a Linux machine.

Coming from Windows or macOS, installing software probably means visiting a website, downloading an installer, and clicking through it. Linux flips that around: the system already knows where to get trusted software, so you just ask for it by name. Once this clicks, setting up a new machine becomes a list of one-line commands.

Why a package manager

A package manager exists so you never have to trust — or manage — software by hand. It gives you three things that a downloaded installer cannot:

  • Trusted, signed sources. Packages come from repositories the system already trusts, and each one is cryptographically signed. The manager verifies that signature before installing, so you know the software is genuine and unmodified.
  • Automatic dependency resolution. Most programs rely on other libraries and tools — their dependencies. The package manager works out the full list, fetches it, and installs everything in the right order. No chasing “missing library” errors.
  • Clean updates and removal. Because the manager tracks exactly what it installed, it can update every program with one command and remove one completely, without leaving stray files behind.

That combination — trusted sources, dependencies handled, tidy updates — is why installing from a package manager is both safer and simpler than running an installer you found somewhere.

The families

Different Linux distributions use different package managers, but they all do the same job. The three you are most likely to meet:

  • apt — used by Debian, Ubuntu, and Raspberry Pi OS (and their many relatives).
  • dnf — used by Fedora and RHEL (Red Hat Enterprise Linux) and their relatives.
  • pacman — used by Arch Linux and its relatives.

The idea is identical across all three: name the software, and the tool fetches it from a repository with its dependencies. Only the commands differ. The first useful thing to know about any Linux machine is which package manager your distribution uses — that tells you which commands below apply. The examples here use apt, because it is the most common on the beginner-friendly distributions.

Core operations (apt examples)

Almost everything you do with apt is one of a handful of operations. Each changes the system, so each needs sudo:

  • sudo apt update — refresh the local list of what is available in the repositories. Run this first; it does not install anything, it just updates the catalogue.
  • sudo apt install <package> — install a program and its dependencies.
  • sudo apt remove <package> — remove a program you no longer want.
  • sudo apt upgrade — update every installed package to its latest version.
  • apt search <term> — find packages by keyword (no sudo needed; it only reads).

A typical first session looks like this:

$ sudo apt update
$ apt search sox
$ sudo apt install sox
$ sox --version

That refreshes the catalogue, searches for the audio tool sox, installs it, then confirms it is there. The update step matters: without a fresh catalogue, install may try to fetch a version the repository no longer has.

Repositories & trust

Every package your manager offers comes from a repository it is configured to trust. A fresh install already points at your distribution’s official repositories, which is why apt install “just works” for common software — it is all curated and signed.

You can add third-party repositories to reach software the official ones do not carry. That is a normal thing to do, but it is a trust decision: you are telling your system to accept and run signed software from someone new. Add only repositories you have reason to trust, the same way you would think twice before running an installer from an unknown website.

Snap, Flatpak & others

Alongside the classic managers, newer cross-distribution formats have appeared — mainly Snap and Flatpak. Instead of one package format per distribution, these bundle an application together with its dependencies so the same package runs on Debian, Fedora, Arch, and the rest.

You will meet them when a project ships only as a Snap or Flatpak, or when you want a newer version of a desktop application than your distribution’s repositories carry. They trade a little extra disk space and startup time for that portability. For most command-line and server work — including setting up GopherTrunk — the traditional package manager is still what you will reach for first.

In practice

Most of the time you will use a package manager to install the build tools and dependencies other software needs. Compilers, libraries, and command-line utilities all come from your repositories with a single install command — so when you set up something like GopherTrunk on Linux, the “install these prerequisites” step is just a short list of package names handed to apt, dnf, or pacman.

Quick check: why install software with a package manager instead of downloading a binary from a website?

Recap

  • A package manager installs software from trusted, signed repositories — no hunting for downloads.
  • It resolves dependencies automatically and lets you update and remove software cleanly.
  • Know your family: apt (Debian, Ubuntu, Raspberry Pi OS), dnf (Fedora/RHEL), pacman (Arch) — same idea, different commands.
  • The core apt moves: sudo apt update, then install, remove, or upgrade; search with apt search.
  • Adding a third-party repository is possible but is a trust decision.
  • Snap and Flatpak are cross-distribution formats you will meet for some apps.

Next up: Module 4 unlocks the shell’s real power — pipes & redirection