Debian / Ubuntu Linux apt-get: Blacklist a Package From Installing

I‘ve build my own lighttpd .deb package and I do not want to upgrade it using the apt-get command. Also, I do not want to upgrade a few more packages such as php5-cgi, httpd and so on. How do I blacklist a package or packages so that when I run apt-get upgrade, it will ignore blacklisted packages and install the rest of updates under Debian or Ubuntu Linux server system?

Tutorial details
Difficulty level Intermediate
Root privileges Yes
Requirements dpkg
Est. reading time N/A
You need use the dpkg command – a tool to install, build, remove and manage Debian packages. Each package under Debian or Ubuntu Linux has the following selection stats:

  1. install – The package is selected for installation.
  2. hold – A package marked to be on hold is not handled by dpkg, unless forced to do that with option –force-hold.
  3. deinstall – The package is selected for deinstallation (i.e. we want to remove all files, except configuration files).
  4. purge – The package is selected to be purged (i.e. we want to remove everything from system directories, even configuration files).

Option #1: dpkg command syntax

To blacklist a Debian / Ubuntu package use the following command:

echo "packageName hold" | dpkg --set-selections
echo "lighttpd hold" | dpkg --set-selections

To remove package hold and install/upgrade again:

echo "packageName install” | dpkg --set-selections
echo "lighttpd install” | dpkg --set-selections

Option #2: /etc/apt/apt.conf.d/01autoremove

Another option is to edit a file called /etc/apt/apt.conf.d/01autoremove, enter:
# vi /etc/apt/apt.conf.d/01autoremove
Sample outputs:



Move cursor at the the bottom of the section called “Never-MarkAuto-Sections” and append and entry to the section to block grub I entered “php5-cgi*”:


Save and close the file.

A note about RHEL / CentOS / SL / Fedora Linux users

You need to edit a file called name.repo see, how to blacklist a package under RHEL / CentOS for more information.

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 3 comments so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersncdu pydf
File Managementcat
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg jobs killall kill pidof pstree pwdx time
Searchinggrep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
3 comments… add one
  • Stephan Hughson Sep 30, 2012 @ 8:26

    There’s another way to do this under Ubuntu and Debian which I like as I’m quite lazy.

    You have to install a package called wajig, but it’s small and doesn’t interfere.

    sudo apt-get install wajig

    and then can just do :

    sudo wajig hold packagename

    wajig can do lots of other things too, but I haven’t investigated them yet.

  • Ritesh Raj Sarraf Sep 30, 2012 @ 19:15

    Another option is to use equivs and add all those packages that you never want to see installed into its Conflicts: list.

  • Jens Stomber Oct 8, 2012 @ 21:35


    I suggest to use apt pinning to blacklist packages or set certain versions of a package on hold.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum