1. Overview
APT (Advanced Package Tool) and Snap are both package management systems for Linux-based operating systems. APT is the traditional package manager for Debian and Ubuntu-based distributions, while Snap is another, newer package management system developed by Canonical that works across a range of Linux distributions.
In this tutorial, we’ll look at the main differences between the two.
2. Packaging Format
APT uses .deb package format, whereas Snap has its own new package format that includes all of the software’s dependencies.
APT packages rely on other packages on the system to run, while Snap packages don’t. This means that we can install and run Snap packages on any Linux distribution that supports Snaps without worrying about compatibility issues.
3. Distribution
APT uses a repository of software packages, which the distribution’s team maintains. Snap packages, on the other hand, can be distributed directly by the developer or publisher across multiple Linux distributions.
The downside of this is security, where, for example, in 2018, two applications were found to contain cryptocurrency miners that ran in the background during application execution. Hence, it’s recommended to only install Snap packages from publishers that the users trust.
4. Updates Management
Software updates are one of the main issues that Snap tries to solve.
While we can update APT packages using the apt-get or apt command, or via various graphical front-ends such as Software Center on Ubuntu or GNOME Software on Debian, Snap packages are updated automatically in the background by default.
If we need a GUI to explore Snap packages, we can install Snap Store:
$ sudo apt install snap-store
The command installs the Snap Store software for our GUI environment.
4.1. Configuring APT Auto Update
As of Debian 9 (Stretch), APT has two packages – unattended-upgrades and apt-listchanges – that are installed by default to update the software indexes and upgrade the software automatically.
If we want to change APT’s auto update config, we can run these commands:
$ sudo systemctl edit apt-daily.timer
$ sudo systemctl restart apt-daily.timer
$ sudo systemctl status apt-daily.timer
In a resource-constrained or sensitive environment that needs to have a specific version of a package installed, we might need to disable the auto-update services:
$ sudo systemctl disable apt-daily.timer
$ sudo systemctl disable apt-daily.service
$ sudo systemctl disable apt-daily-upgrade.timer
$ sudo systemctl disable apt-daily-upgrade.service
4.2. Configuring Snap Auto Refresh
Let’s change Snap’s update schedule from 2 AM to 3 AM:
$ sudo snap set core refresh.schedule=2:00-3:00
We can also disable the auto-update services forever:
$ snap refresh --hold
Auto-refresh of all snaps held indefinitely
Additionally, we can remove the hold or re-enable the auto-update service:
$ snap refresh --unhold
Removed auto-refresh hold on all snaps
And finally, let’s check the system refresh status:
$ sudo snap get system refresh
Key Value
refresh.hold forever
refresh.retain 2
refresh.schedule 2:00-3:00
4.3. Removing Old Snap Revisions
Snap retains a number of package revisions in order to support its rollback feature. By default, it retains three package revisions:
$ sudo snap get system refresh
Key Value
refresh.retain 3
We can change the refresh.retain config value. The value must be between 2 and 20, otherwise it’ll throw an error:
$ sudo snap set system refresh.retain=30
error: cannot perform the following tasks:
- Run configure hook of "core" snap (run hook "configure": retain must be a number between 2 and 20, not "30")
$ sudo snap set system refresh.retain=2
$ sudo snap get system refresh
Key Value
refresh.retain 2
Let’s list all the snaps revisions:
$ snap list --all
Name Version Rev Tracking Publisher Notes
...
bitwarden 2023.1.1 82 latest/stable bitwarden✓ -
bitwarden 2023.1.0 81 latest/stable bitwarden✓ disabled
core 16-2.58 14447 latest/stable canonical✓ core
core22 20221212 469 latest/stable canonical✓ base,disabled
core22 20230110 484 latest/stable canonical✓ base
drawio 20.8.10 169 latest/stable jgraph✓ -
drawio 20.7.4 168 latest/stable jgraph✓ disabled
...
The old revisions are the ones that have the word “disabled” in the Notes column.
We can remove them manually one-by-one:
$ snap remove drawio --revision=168
drawio (revision 168) removed
Or we can create a script file to delete them all:
#!/bin/bash
#Removes old revisions of snaps
#CLOSE ALL SNAPS BEFORE RUNNING THIS
set -eu
LANG=en_US.UTF-8 snap list --all | awk '/disabled/{print $1, $3}' |
while read snapname revision; do
snap remove "$snapname" --revision="$revision"
done
The script above will delete all “disabled” revisions.
5. Security
APT packages integrate tightly with the host operating system, while Snap packages run in a sandbox environment with their own set of permissions, which limits the potential damage if there’s a security vulnerability.
Snap stores its software packages in the ~/snap directory by default, and each revision has its own directory that we can easily delete without affecting other revisions or packages.
6. Performance
APT packages are smaller than Snap packages, as Snap bundles all its dependencies. So downloading Snap packages may take a bit longer.
Starting APT software is typically faster than Snap software. This is because Snap uses the compressed SquashFS filesystem format. After installation, the host operating system mounts the Snap package and decompresses it on the fly when the software uses the files. This means that the larger the application size, then the longer it takes to start.
7. Conclusion
In this article, we learned how the APT and Snap package management systems have their own advantages and disadvantages. We saw how to use these systems to install and manage software on Linux-based operating systems. Which package management system that we choose to use depends on our specific needs.