In the following scenario, important packages can end up in the list of apt-get autoremove candidates:
- Package A is installed, either by hand or with puppet. Package A depends on B, hence B gets installed and marked as being automatically installed
- Package B is needed for a certain reason, and a puppet manifest with require_package('B') is added. B is already installed, hence nothing much happens
- Package A isn't necessary anymore and it gets removed
- apt-get autoremove considers B for removal as it is apt-marked as auto
This problem can be fixed by making require_package mark packages as manually installed (apt-mark manual $pkg) if they weren't already.