Packages
Typically packages are nothing more that some kind of archive. However this archive besides the actual files to be copied to the underlying system contains a lot of additional configuration scripts.
DEB
AR archive with following 3 top-level files included:
1. control.tar.gz - control files. Theoretically it must contain following files:
- control kind of key-value file. Contains information about packaged data (like: author, some description, dependencies)
Fields (some of them):
Source - name of the source package
Package - name of the binary package
Section - mainly for front-ends that display packages grouped into categories
Priority - how important for the user the package is. For front-ends use (mainly when the apt-like software selects default packages for user or solves conflicts)
Architecture - if this package is architecture dependent (any) or not (all - e.g. Java applications)
Depends - the package will not be installed unless the packages it depends on are installed
- changelog dpkg uses this files to obtain version information, distribution, urgency etc of the package
- copyright copyright and license
Some of optional files:
- conffiles list of packaged application configuration files. When upgrading package you'll be asked what to do with any file listed here
that changed on the filesystem
- package.cron.* e.g. my_app.cron.hourly will be installed as /etc/cron.hourly/my_app and will run every hour
- dirs specifies any directories which we need but which are not created by the normal installation procedure
- md5sums used to verify if installed files have been modified
2. data.tar.gz (since Debian 8: data.tar.xz) - actual files
3. debian-binary
RPM
todo
APT/Aptitude
Highest priority number means highest priority of package.
Cheat sheet
| command | description |
|---|---|
aptitude versions the_package, apt-cache policy the_package, dpkg-query -l \| grep the_package |
show available/installed package version |
apt-cache depends the_package |
show package dependencies |
apt-get install --only-upgrade the_package |
upgrade/downgrade only one specific package |
apt-get autoremove --purge |
Remove dangling packages |
aptitude autoclean |
remove old cached packages |
aptitude clean |
remove cached packages |
dpkg -S /bin/ping |
show to which package does the file belong to |
Configuration
APT configuration can be dumped with:
apt-config dump
To reload configuration changes (either repositories changes or apt.conf.d/* changes use:
apt-get update
Preferences
In general, same package may be defined in multiple repositories with different versions (or not).
The mechanism that determines which package version will be installed is called preferences (consult: man apt_preferences).
Used to pick package version when apt list files (/etc/apt/sources.list or /etc/apt/sources.list.d/*.list) contains references to more than one distribution eg. contains both stable and testing repositories.
1. Normally without using apt_preferences the apt will pick the package coming from the first entry in sources.list.
2. If no preferences exists or contains no entry for given package then the package priority is the priority of distro. If preference exists for given package then its value is used.
3. To “force” usage of some other distro, use -t flag (specify target release), eg.
apt-get install -t experimental some-package. If -t is given then check man apt_preferences for algorithm that assign priority for package.
It roughly specifies:
- If target release contains in release files “NotAutomatic: yes” but not “ButAutomaticUpgrades: yes”. Then the priority is 1
- If package is installed or if target release’s release file contains “NotAutomatic: yes” and “ButAutomaticUpgrades: yes”. Then the priority is 100
- If the package is not installed and do not belong to the target release. Then the priority is 500
- If the package is not installed and belong to the target release. Then the priority is 990.
4. Installs version with highest priority (highest number).
Please mind that if you have configured package pinning and e.g. your stable is configured to have priority of 995 (or anything greater than 990) then -t will have no effect.
You can always verify with apt-cache policy -t target-release package which exact version of package is going to be installed
Override preferences
The package is always installed when package version (or target repository) is provided.
To provide version use = e.g. apt-get install firefox-esr=60.6.1esr-1~deb9u1
To provide target repository use forward slash \ e.g. apt-get install firefox-esr/stretch-updates
Preferences files
Located in /etc/apt/preferences.d
Parsed in alphanumeric ascending order
Need to obey convention:
1. No filename extension or .pref
2. Filename chars allowed: alphanumeric, hyphen, underscore and period
The file itself contains records separated by blank lines.
Preference refers to the mentioned package(s) and the mentioned package(s) only (doesn't affect its dependencies).
This is one of the reasons why this mechanism is kind of "discouraged".
Typical pref file:
Package: *
Pin: release o=Debian,a=testing
Pin-Priority: 900
Configuration options:
| Option | Meaning |
|---|---|
Pin-Priority |
The priority |
Package |
To which package does the rule apply to. Can be regex |
Pin |
More complex rule to match packages on. Using Pin it is possible to point the desired repository that will be used to fetch package |
Pin
Possible Pin options (and they should be defined) are rather poorly documented.
Using Pin it is possible to point the exact repository to be used for given package(s).
Pin to version
Without regards to repository holding the perl package, this Pin will assign 1001 priority to every perl package version matching 5.8*
Package: perl
Pin: version 5.8*
Pin-Priority: 1001
Pin to origin
Assiging the priority by the repository URL only.
Package: *
Pin: origin ftp.de.debian.org
Pin-Priority: 980
Pin to Release file
To get the values that it is possible to pin to, download the desired repository's Release file, e.g.:
Archive: Debian_9.0
Codename: Debian_9.0
Origin: obs://build.opensuse.org/isv:ownCloud:desktop/Debian_9.0
Label: isv:ownCloud:desktop
Architectures: amd64
Date: Thu Mar 21 19:36:06 2019
Description: qt depenendencies for client 2.5.x (Debian_9.0)
MD5Sum:
...
SHA1:
...
SHA256:
...
In order to use Origin field:
Package: *
Pin: release o=obs://build.opensuse.org/isv:ownCloud:desktop/Debian_9.0
Pin-Priority: 995
The fields:
| Release file field | Pin option |
|---|---|
Archive, Suite |
a |
Codename |
n |
Version |
v |
Component |
c |
Origin |
o |
Label |
l |
Entries can be concatenated with , e.g.: Pin: release o=Debian Mozilla Team,c=iceweasel-aurora
In order to debug what package version is going to be installed use: apt-cache policy the_package
Package configuration
To display package configuration files use:
debconf-show the_package
To set package configuration option use (wireshark example, using here-string):
debconf-set-selections <<< 'wireshark-common wireshark-common/install-setuid boolean false'
References
- https://wiki.debian.org/AptPreferences
- https://wiki.debian.org/UnattendedUpgrades
- https://www.debian.org/doc/manuals/repository-howto/repository-howto
- https://dug.net.pl/tekst/163/priorytety_pakietow_(apt_pinning__pin_priority)/
- https://www.debian.org/doc/manuals/maint-guide/index.en.html
- https://www.debian.org/doc/debian-policy/index.html