CodeClarityLab / Glossary
Ctrl K
← CodeClarityLab Home
Browse by Category
+ added · updated 7d
⚖ Terms of Use
← Back to glossary

Linux Package Managers

linux Beginner

Also Known As

apt yum dnf apk apt-get

TL;DR

apt (Debian/Ubuntu), yum/dnf (RHEL/CentOS/Fedora), apk (Alpine) — tools for installing, updating, and managing system software packages and their dependencies.

Explanation

Package managers resolve dependencies, verify signatures, and maintain package state. apt (Advanced Package Tool): apt install/remove/update/upgrade/autoremove, apt-cache search/show. dnf (replacing yum): dnf install/remove/update, dnf search. apk (Alpine — used in Docker): apk add/del/update/upgrade. Key differences: Alpine's apk is designed for minimal containers (no pkg-cache by default), apt uses .deb packages, dnf/yum uses .rpm. For PHP: ubuntu/debian use apt for PHP packages (ondrej/php PPA for multiple versions), Alpine uses apk. Security: always verify package signatures, use apt-key or dnf GPG checks.

Common Misconception

apt-get and apt are interchangeable — apt-get is the older low-level tool; apt is the modern user-friendly frontend with progress bars and better defaults; use apt in scripts for consistency.

Why It Matters

Docker images based on Alpine are 3-5x smaller than Ubuntu/Debian images — choosing the right base image and package manager significantly affects container size and security surface.

Common Mistakes

  • Not running apt update before apt install — installs outdated packages with stale package lists.
  • No apt-get clean in Dockerfiles — package cache adds 50-100MB to image layers.
  • apk --no-cache not used in Dockerfile — Alpine caches packages by default, bloating the image.
  • Installing build tools without --virtual in apk — leaves build deps in production image.

Code Examples

✗ Vulnerable 
# Bloated Dockerfile — cache not cleaned:
FROM ubuntu:22.04
RUN apt-get install -y php8.3-fpm
# Layer includes full apt cache: +100MB

# Alpine without --no-cache:
FROM alpine:3.19
RUN apk add php83-fpm
# Package cache retained: +30MB
✓ Fixed 
# Clean apt cache in same layer:
FROM ubuntu:22.04
RUN apt-get update && apt-get install -y php8.3-fpm \
    && apt-get clean && rm -rf /var/lib/apt/lists/*

# Alpine with --no-cache — no package cache:
FROM alpine:3.19
RUN apk add --no-cache php83-fpm

# Install + clean in one RUN to minimise layer size:
RUN apk add --no-cache --virtual .build-deps \
        gcc musl-dev \
    && docker-php-ext-install pdo_mysql \
    && apk del .build-deps  # Remove build tools from final image
Added 16 Mar 2026
Edited 22 Mar 2026
Views 20

Curated in Warsaw under one editorial standard. 1,445 terms, single voice.  About this reference →

Rate this term
No ratings yet
🤖 AI Guestbook educational data only
| |
Last 30 days
1 ping F 0 pings S 0 pings S 1 ping M 0 pings T 0 pings W 1 ping T 1 ping F 0 pings S 0 pings S 0 pings M 0 pings T 0 pings W 0 pings T 1 ping F 0 pings S 0 pings S 0 pings M 0 pings T 1 ping W 0 pings T 1 ping F 0 pings S 0 pings S 0 pings M 0 pings T 0 pings W 0 pings T 1 ping F 0 pings S
Agents 0
No pings yet today
Amazonbot 7 Perplexity 3 Ahrefs 2 Unknown AI 2 Google 1
Also referenced
Containerisation (Docker for PHP) 31 Linux File Permissions 26 Linux User & Group Management 24 Docker Multi-Stage Builds 23
How they use it
crawler 15
Related categories
devops 1.1k linux 510
DEV INTEL Tools & Severity
🟡 Medium ⚙ Fix effort: Low
⚡ Quick Fix
Add apt-get clean && rm -rf /var/lib/apt/lists/* to every apt-get install command in Dockerfiles — it removes the package cache, keeping Docker images small
📦 Applies To
any cli
🔗 Prerequisites
🔍 Detection Hints
Docker image with apt cache not cleaned; no apt-get update before install; mixing PHP extension install approaches
Auto-detectable: ✓ Yes hadolint dive trivy
⚠ Related Problems
🤖 AI Agent
Confidence: Medium False Positives: Low ✗ Manual fix Fix: Medium Context: File
CWE-829
✓ schema.org compliant