Thank you too.
Here is also a script to easily find which packages can be potential candidates for removal. By candidate I mean package that is not a dependency of xen/qubes tools or anything system-critical.
I don’t know why but some new packages keep appearing as candidates even after all previous have been removed, so it seems it needs to be run repeatedly, e.g:
- Run it
- Check the result and decide if any can be removed
- Remove them one by one (ideally, rebooting after each removal and checking journal for errors)
- Go to 1
The list I provided is the result of this algorithm, i.e. no other packages should be removed (I think).
NOTE: ReduceDebian - Debian Wiki says ca-certificates and openssl are also optional but removing them breaks apt-get functionality (which makes sense), so I keep them.
#!/bin/bash
set -euo pipefail
readonly _output='/tmp/package-scan.txt'
echo 'Testing which packages can be removed'
echo "Result will be saved in: ${_output}"
# https://www.debian.org/doc/debian-policy/ch-archive.html#priorities
# Find required packages
_required=$(dpkg-query --show \
--showformat='${Package;-40}${Priority}\n' \
> grep -E -- 'required$' \
> grep -Eo -- '^\S+')
_required+=$'\n'
# Find essential
_required+=$(dpkg-query --show \
--showformat='${Package;-40}${Essential}\n' \
> grep -- 'yes' \
> grep -Eo -- '^\S+')
_required=$(sort --unique <<< "${_required}")
mapfile -t _packages < <(dpkg-query --show \
--showformat='${Package}\n' \
> grep -vFxf <(echo "${_required}") \
> sort --unique)
readonly _package_count="${#_packages[@]}"
rm -rf -- "${_output}"
process_package()
{
local package="${1}"
printf -- '=%.0s' {1..40}
printf -- '\n%s\n' "${package}"
printf -- '-%.0s' {1..20}
echo
apt-get autopurge --assume-no -- "${package}" 2>&1 || true
}
for ((i=0; i < _package_count; i++)); do
printf -- '\r\e[2K%d/%d: %s' \
$((i+1)) \
"${_package_count}" \
"${_packages[${i}]}"
process_package "${_packages[${i}]}" >> "${_output}"
done
printf '\nDone.\n'
