Is "apt-get remove openssl -y" VERY DANGEROUS?

Just ran this and it looks unancellable.

MUCH is being cleared out.

I simply want to remove and re-insall all ssl ssh apparatus.

There is horrible version mismatch.

Asked By: mathtick


It’s the operating system’s command line interface.

In this environment, a lot of commands can become very dangerous, especially when they are being copy-pasted, and especially when unintended, or unaware options, such as -y are being left in them.

I seem to observe that a lot of people —novices, but on occasion, sysadmins alike— appear to learn to respect this environment only at their own, sometimes significant expenses.

In the meanwhile, I suggest relying on the apt-get command’s --simulate or equivalent --dry-run options to review the impact of such commands without having to live with the consequences.

Answered By: Levente

You can easily reinstall the removed packages.

Apt has a history file. This file is /var/log/apt/history.log. Run the following command to view it in the terminal:

cat /var/log/apt/history.log

You will see a Start date, Commandline used, Requested-By username, etc.

So run:

grep -hA5 "remove openssl" /var/log/apt/history.log | grep "Remove"

This should print out the packages that were removed. The word "Remove" should only appear once, at the beginning of the list.

If this list appears to be what was removed, then proceed.

First, cd into your user’s home directory and then send the list to a file named "removedpackages".

grep -hA5 "remove openssl" /var/log/apt/history.log | grep "Remove" > removedpackages   

Now we need to clean up the list before sending it to apt.

This command should print everything on a new line:

sed -e "s/ [a-z0-9(]/n&/g" removedpackages

This should grep for only the package names (lines that begin with a blank space followed by a lower case letter or number).

sed -e "s/ [a-z0-9(]/n&/g" removedpackages | grep '^ [a-z0-9]'

Now the packages should be listed in the form of packagename:amd64 or packagename:all or packagename:i386 etc.

If so, then send the list to a new file named removedlist.

sed -e "s/ [a-z0-9(]/n&/g" removedpackages | grep '^ [a-z0-9]' > removedlist

Finally to reinstall the packages, send the contents of the file to apt.

sudo apt update
sudo apt install $(cat removedlist)

And remove your work files:

rm removedlist removedpackages

An explanation of the options used for:

sed -e "s/ [a-z0-9(]/n&/g"
  • -e prints or echos the output instead of editing the file
  • s///g is the standard form of a substitute string
  • [a-z0-9(] match any blank space followed by a lowercase letter or number or open parenthesis.
  • n& substitute with a new line n before the match &.


For grep -hA5

  • -h says do not list the file name in the output and
  • A5 says to also list the 5 lines after the match
Answered By: mchid
Categories: Answers Tags: , ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.