[ previous ] [ Contents ] [ 1 ] [ 2 ] [ 3 ] [ A ] [ next ]
aptitude
is now the preferred text front end for APT, the Advanced
Package Tool. It remembers which packages you deliberately installed and which
packages were pulled in through dependencies; the latter packages are
automatically de-installed by aptitude
when they are no longer
needed by any deliberately installed packages. It has advanced
package-filtering features but these can be difficult to configure.
synaptic
is now the preferred Gtk GUI front end for APT. Its
package filtering capability is easier to use than aptitude
's. It
also has experimental support for Debian Package Tags
.
To reduce the network load on the Debian repositories and to speed up your downloads you should get packages from Debian mirror sites.
If you need to install the same package on several machines on your local
network then you can set up a local HTTP proxy using squid
for
packages downloaded through APT. If necessary, set the http_proxy
environment variable or set the http value in
/etc/apt/apt.conf
.
Although APT's pinning feature, described in apt_preferences(5)
,
is powerful, its effects can be difficult to understand and manage. You should
consider it an Advanced Feature.
The use of chroot is desirable for simultaneously securing both system stability and access to the latest versions of software.
This chapter is based on a post-Woody system. Some features may require a Sarge system or later.
If reading all the developer documentation is too much for you, read this chapter first and start enjoying the full power of Debian with testing/unstable :-)
dpkg – Debian package file installer apt-get – Command line front end for APT aptitude – Advanced text and command line front end for APT synaptic – Gtk GUI front end for APT dselect – Menu-driven package manager tasksel – Task installer
These tools aren't all alternatives to one another. For example,
dselect
uses both APT and dpkg
.
APT uses /var/lib/apt/lists/*
for tracking available packages
while dpkg
uses /var/lib/dpkg/available
. If you have
installed packages using aptitude
or other APT front ends and you
want to use dselect
to install packages then the first thing you
should do is update /var/lib/dpkg/available
by selecting
[U]pdate from dselect
's menu (or by running
"dselect update").
apt-get
automatically installs all packages upon which a requested
package Depends. It does not install the packages that a requested package
merely Recommends or Suggests.
aptitude
, in contrast, can be configured to install packages that
a requested package Recommends or Suggests.
dselect
presents the user with a list of packages that a selected
package Recommends or Suggests and allows these to be selected or deselected
individually.
dpkg-reconfigure - reconfigure an already installed package (if it uses debconf) dpkg-source - manage source package file dpkg-buildpackage - automate the building of a package file apt-cache - check package archive in local cache
Set up sources.list
as described in Preparing for upgrade, Section
2.2. [1]
You can install sets of packages typically required in order to put a Debian system to a certain use. These sets of packages are called "tasks".
The simplest way to install tasks at the time of initial installation is to use
tasksel
. Note that you must run
dselect update
before using it.
aptitude
can also install tasks and is the tool recommended for
this purpose. It enables you to deselect individual packages within tasks
before proceeding to the installation step.
aptitude
aptitude
is a new menu-driven package installer similar to
dselect
but built from scratch on top of APT. It can be used as
an alternative to apt-get
for most commands. See
aptitude(1)
and /usr/share/doc/aptitude/README
.
Once you start using aptitude
it is best to continue using it
rather than alternative methods of installing packages; otherwise you lose the
advantage of aptitude
keeping track of which packages you have
deliberately installed.
aptitude
in full screen mode accepts single-key commands which are
usually lowercase. Notable key strokes are:
Keystroke Action F10 Menu ? Help for keystroke (complete listing) u Update package archive information + Mark the package to be upgraded or newly installed - Mark the package to be removed (keep config) _ Mark the package to be purged (remove config) = Place the package on hold U Mark all upgradable packages to be upgraded g Download and install selected packages q Quit current screen and save changes x Quit current screen and discard changes Enter View information about a package C View a package's changelog l Change the limit for the displayed packages / Search for the first match \ Repeat the last search
Like apt-get
, aptitude
installs packages upon which a
selected package Depends. aptitude
also offers the option to pull
in packages that a to-be-installed package Recommends or Suggests. You can
change the default behavior by choosing F10 -> Options ->
Dependency handling in its menu.
Other advantages of aptitude
are:
aptitude
offers access to all versions of a package.
aptitude
logs its actions in /var/log/aptitude
.
aptitude
makes it easy to keep track of obsolete software by
listing under "Obsolete and Locally Created Packages".
aptitude
includes a fairly powerful system for searching
particular packages and limiting the package display. Users familiar with
mutt
will pick up quickly, as mutt was the inspiration for the
expression syntax. See "SEARCHING, LIMITING, AND EXPRESSIONS" in
/usr/share/doc/aptitude/README
.
aptitude
in full screen mode has su
functionality
embedded and can be run from normal user until you really need administrative
privileges.
dselect
In stable releases up to and including Potato, dselect
was the
principal package maintenance tool. For Sarge, you should consider using
aptitude
instead.
When started, dselect
automatically selects all
"Required", "Important", and "Standard" packages.
dselect
has a somewhat strange user interface. Most people get
used to it, however. It has four commands (Capital means CAPITAL!):
Key-stroke Action Q Quit. Confirm current selection and quit anyway. (override dependencies) R Revert! I did not mean it. D Damn it! I do not care what dselect thinks. Just Do it! U Set all to sUggested state
With D and Q, you can select conflicting selections at your own risk. Handle these commands with care.
Add a line containing the option "expert" in
/etc/dpkg/dselect.cfg
to reduce noise.
If your machine runs dselect
slowly then you might consider
running dselect
on another (faster) machine in order to determine
the packages you want to install, then use apt-get install on the
slow machine to install them.
To track the testing distribution as it changes, make your
/etc/apt/preferences
file look like this:
Package: * Pin: release a=testing Pin-Priority: 800 Package: * Pin: release a=stable Pin-Priority: 600
Note that tracking the testing distribution can have the side effect of delaying the installation of packages containing security fixes. Such packages are uploaded to unstable and migrate to testing only after a delay.
See apt_preferences(5)
for more complicated examples which will
allow you, for example, to track testing while installing selected
packages from unstable.
Examples which lock particular packages at particular versions while tracking
other packages as they are released are available in the examples subdirectory
as
preferences.testing
and preferences.unstable
.
If you mix distributions, e.g., testing with stable
or unstable with stable, you will eventually pull in
core packages such as libc6
from testing or
unstable and there is no guarantee that these will not contain
bugs. You have been warned.
Another example, preferences.stable
, forces all packages to be
downgraded to stable.
Downgrading from a later release of a package to an earlier
one is not officially supported in Debian. However, you may find that you have
to downgrade a specific package in order to re-install a version of a package
that works when a new version malfunctions. You may find these previous
package files locally in /var/cache/apt/archives/
or remotely at
http://snapshot.debian.net/
. See
also Rescue using dpkg
, Section
3.3.3.
Downgrading from a later release of a distribution to an earlier one is not officially supported either and is very likely to cause problems. However, this may be worth trying as a last resort if you are desperate.
aptitude
, apt-get
and apt-cache
commandsWhile tracking testing as described in the above example you can manage the system by using the following commands:
aptitude update (or apt-get update)
These update the list of available packages at the repositories.
aptitude upgrade (or apt-get upgrade or aptitude dist-upgrade or apt-get dist-upgrade)
These track the testing distribution — they upgrade each package on the system, after installing versions of packages upon which it Depends, from the testing distribution. [2]
apt-get dselect-upgrade
This tracks the testing distribution — it upgrades each
package on the system according to the selections of dselect
.
aptitude install package/unstable
This installs package from the unstable distribution while installing its dependencies from the testing distribution.
aptitude install -t unstable package
This installs package from the unstable distribution while installing its dependencies also from the unstable distribution by setting the Pin-Priority of unstable to 990.
apt-cache policy foo bar ...
This checks the status of packages foo bar ....
aptitude show foo bar ... | less (or apt-cache show foo bar ... | less)
This checks the information for packages foo bar ....
aptitude install foo=2.2.4-1
This installs the particular version 2.2.4-1 of the foo package.
aptitude install foo bar-
This installs the foo package and removes the bar package
aptitude remove bar
This removes the bar package but not its configuration files.
aptitude purge bar
This removes the bar package together with all its configuration files.
In the above examples, giving apt-get
the -u option
causes it to print a list of all packages that are to be upgraded and to prompt
the user before taking action. aptitude
does this by default.
The following makes apt-get
always do this:
$ cat >> /etc/apt/apt.conf << . // Always show packages to be upgraded (-u) APT::Get::Show-Upgraded "true"; .
Use the --no-act option to simulate actions without actually installing, removing, etc., any packages.
With this knowledge you can live the life of eternal upgrade :-)
If you are experiencing problems with a specific package, make sure to check
out these sites first before you seek help or file a bug report.
(lynx
, links
, and w3m
work equally
well):
$ lynx http://bugs.debian.org/ $ lynx http://bugs.debian.org/package-name # if you know package name $ lynx http://bugs.debian.org/bugnumber # if you know bug number
Search Google (www.google.com) with search words including "site:debian.org".
When in doubt, read the fine manual. Set CDPATH as follows:
export CDPATH=.:/usr/local:/usr/share/doc
and type
$ cd packagename $ pager README.Debian # if this exists $ mc
Package dependency problems may occur when upgrading in unstable or testing as described in Upgrading, Section 2.3. Most of the time this is because a package that will be upgraded Depends on a package that is not yet available. These problems are fixed by using
# aptitude dist-upgrade
If this does not work, then repeat one of the following until the problem resolves itself:
# aptitude -f upgrade # continue upgrade even after error ... or # aptitude -f dist-upgrade # continue dist-upgrade even after error
Some really broken upgrade scripts may cause persistent trouble. It is usually
better to resolve this type of situation by inspecting the
/var/lib/dpkg/info/packagename.{post,pre}{inst,rm}
scripts of the offending package and then running:
# dpkg --configure -a # configures all partially installed packages
If a script complains about a missing configuration file, look in
/etc/
for the corresponding configuration file. If one exists
with an extension of .dpkg-new (or something similar),
mv
it to remove the suffix.
Package dependency problems may occur when installing in unstable or testing. There are ways to circumvent dependencies.
# aptitude -f install package # override broken dependencies
An alternative method to fix these situations is to use the equivs
package. See /usr/share/doc/equivs/README.Debian
.
dpkg
If you reach a dead end using APT you can download package files from Debian
mirrors and install them using dpkg
. If you do have not access to
the network you can look for cached copies of package files in
/var/cache/apt/archives/
.
# dpkg -i fetchmail_6.2.5-4_i386.deb
If attempting to install a package this way fails due to dependency violations
and you really need to install the package then you can override dependency
checks using dpkg
's --ignore-depends,
--force-depends and other options. See dpkg(8)
for
details.
If /var/lib/dpkg/status
becomes corrupt for any reason, the Debian
system loses package selection data and suffers severely. Look for the old
/var/lib/dpkg/status
file at /var/lib/dpkg/status-old
or /var/backups/dpkg.status.*
.
Keeping /var/backups/
in a separate partition may be a good idea
since this directory contains lots of important system data.
If no old /var/lib/dpkg/status
file is available, you can still
recover information from directories in /usr/share/doc/
.
# ls /usr/share/doc | \ grep -v [A-Z] | \ grep -v '^texmf$' | \ grep -v '^debian$' | \ awk '{print $1 " install"}' | \ dpkg --set-selections # dselect --expert # reinstall system, de-select as needed
/var
Since the /var
directory contains regularly updated data such as
mail, it is more susceptible of corruption than, e.g., /usr/
.
Putting /var/
on a separate partition reduces risks. If disaster
happens, you may have to rebuild the /var
directory to rescue your
Debian system.
Obtain the skeleton content of the /var
directory from a minimum
working Debian system based on the same or older Debian version, for example
, and
place it in the root directory of the broken system. Then
var.tar.gz
# cd / # mv var var-old # if any useful contents are left # tar xvzf var.tar.gz # use Woody skeleton file # aptitude # or dselect
This should provide a working system. You can expedite the recovery of package selections by using the technique described in Recover package selection data, Section 3.3.4. ([FIXME]: This procedure needs more experiments to verify.)
Boot into Linux using a Debian rescue floppy/CD or an alternative partition in
a multiboot Linux system. Mount the unbootable system on /target
and use the chroot install mode of dpkg
.
# dpkg --root /target -i packagefile.deb
Then configure and fix problems.
By the way, if a broken lilo
is all that prevents booting, you can
boot using a standard Debian rescue disk. At boot prompt, assuming the root
partition of your Linux installation is in /dev/hda12
and you want
runlevel 3, enter:
boot: rescue root=/dev/hda12 3
Then you are booted into an almost fully functional system with the kernel on floppy disk. (There may be minor glitches due to lack of kernel features or modules.)
dpkg
command is broken
A broken dpkg
may make it impossible to install any
.deb files. A procedure like the following will help you recover
from this situation. (In the first line, you can replace "links"
with your favorite browser command.)
$ links http://http.us.debian.org/debian/pool/main/d/dpkg/ ... download the good dpkg_version_arch.deb $ su password: ***** # ar x dpkg_version_arch.deb # mv data.tar.gz /data.tar.gz # cd / # tar xzfv data.tar.gz
For i386, http://packages.debian.org/dpkg may also be used as the URL.
Enlightenment with these commands will save a person from the eternal karmic struggle of upgrade hell and let him reach Debian nirvana. :-)
To find the package to which a particular filename pattern belongs in the installed packages:
$ dpkg {-S|--search} pattern
Or to find the similar in the Debian archive:
$ wget http://ftp.us.debian.org/debian/dists/sarge/Contents-i386.gz $ zgrep -e pattern Contents-i386.gz
Or use specialized package commands:
# aptitude install dlocate $ dlocate filename # fast alternative to dpkg -L and dpkg -S ... # aptitude install auto-apt # on-demand package installation tool # auto-apt update # create db file for auto-apt $ auto-apt search pattern # search for pattern in all packages, installed or not
Search and display information from package archives. Make sure to point APT
to the proper archive(s) by editing /etc/apt/sources.list
. If you
want to see how packages in testing/unstable do
against the currently installed one, use apt-cache
policy—quite nice.
# apt-get check # update cache and check for broken packages $ apt-cache search pattern # search package from text description $ apt-cache policy package # package priority/dists information $ apt-cache show -a package # show description of package in all dists $ apt-cache showsrc package # show description of matching source package $ apt-cache showpkg package # package information for debugging # dpkg --audit|-C # search for partially installed packages $ dpkg {-s|--status} package ... # description of installed package $ dpkg -l package ... # status of installed package (1 line each) $ dpkg -L package ... # list filenames installed by the package
apt-cache showsrc is not documented as of the Woody release but works :)
You can also find package information in (I use mc to browse these):
/var/lib/apt/lists/* /var/lib/dpkg/available
The comparison of the following files provides information on what exactly has happened in the last few install sessions.
/var/lib/dpkg/status /var/backups/dpkg.status*
For an unattended installation, add the following line in
/etc/apt/apt.conf
:
Dpkg::Options {"--force-confold";}
This equivalent to running aptitude -y install
packagename or apt-get -q -y install
packagename. Because this automatically answers
"yes" to all prompts, it may cause problems, so use this trick with
care. See apt.conf(5)
and dpkg(1)
.
You can configure any particular packages later by following Reconfigure installed packages, Section 3.4.4.
Use the following to reconfigure any already-installed package.
# dpkg-reconfigure --priority=medium package [...] # dpkg-reconfigure --all # reconfigure all packages # dpkg-reconfigure locales # generate any extra locales # dpkg-reconfigure --p=low xserver-xfree86 # reconfigure X server
Do this for debconf
if you need to change the debconf
dialog mode permanently.
Some programs come with special configuration scripts. [3]
apt-setup - create /etc/apt/sources.list install-mbr - install a Master Boot Record manager tzconfig - set the local time zone gpmconfig - set gpm mouse daemon eximconfig - configure Exim (MTA) texconfig - configure teTeX apacheconfig - configure Apache (httpd) cvsconfig - configure CVS sndconfig - configure sound system ... update-alternatives - set default command, e.g., vim as vi update-rc.d - System-V init script management update-menus - Debian menu system ...
Remove a package while maintaining its configuration:
# aptitude remove package ... # dpkg --remove package ...
Remove a package and all configuration:
# aptitude purge package ... # dpkg --purge package ...
For example, holding of libc6
and libc6-dev
for
dselect
and aptitude install package can
be done as follows:
# echo -e "libc6 hold\nlibc6-dev hold" | dpkg --set-selections
aptitude install package will not be hindered by this
"hold". To hold a package through forcing automatic downgrade for
aptitude upgrade package or aptitude
dist-upgrade, add the following to /etc/apt/preferences
:
Package: libc6 Pin: release a=stable Pin-Priority: 2000
Here the "Package:" entry cannot use entries such as
"libc6*". If you need to keep all binary packages
related to the glibc
source package in a synchronized version, you
need to list them explicitly.
The following will list packages on hold:
dpkg --get-selections "*"|grep -e "hold$"
apt-show-versions
can list available package versions by
distribution.
$ apt-show-versions | fgrep /testing | wc ... how many packages you have from testing $ apt-show-versions -u ... list of upgradeable packages $ aptitude install `apt-show-versions -u -b | fgrep /unstable` ... upgrade all unstable packages to their newest versions
Package installation with APT leaves cached package files in
/var/cache/apt/archives/
and these need to be cleaned.
# aptitude autoclean # removes only useless package files # aptitude clean # removes all cached package files
To make a local copy of the package selection states:
# dpkg --get-selections "*" >myselections # or use \* # debconf-get-selections > debconfsel.txt
"*" makes myselections include package entries for "purge" too.
You can transfer this file to another computer, and install it there with:
# dselect update # debconf-set-selections < debconfsel.txt # dpkg --set-selections <myselections # apt-get -u dselect-upgrade # or dselect install
For partial upgrades of the stable system, rebuilding a package
within its environment using the source package is desirable. This avoids
massive package upgrades due to their dependencies. First, add the following
entries to /etc/apt/sources.list
:
deb-src http://http.us.debian.org/debian testing \ main contrib non-free deb-src http://http.us.debian.org/debian unstable \ main contrib non-free
Here each entry for deb-src is broken into two lines because of
printing constraints, but the actual entry in sources.list
should
consist of a single line.
Then get the source and make a local package:
$ apt-get update # update the source package search list $ apt-get source package $ dpkg-source -x package.dsc $ cd package-version ... inspect required packages (Build-Depends in .dsc file) and install them too. You need the "fakeroot" package also. $ dpkg-buildpackage -rfakeroot ...or (no sig) $ dpkg-buildpackage -rfakeroot -us -uc # use "debsign" later if needed ...Then to install $ su -c "dpkg -i packagefile.deb"
Usually, one needs to install a few packages with the "-dev" suffix
to satisfy package dependencies. debsign
is in the
devscripts
package. auto-apt
may ease satisfying
these dependencies. Use of fakeroot
avoids unnecessary use of the
root account.
In Woody, these dependency issues can be simplified. For example, to compile a
source-only pine
package:
# apt-get build-dep pine # apt-get source -b pine
In order to create a local package archive which is compatible with APT and the
dselect
system, Packages
needs to be created and
package files need to be populated in a particular directory tree.
A local deb repository similar to an official Debian archive can be made in this way:
# aptitude install dpkg-dev # cd /usr/local # install -d pool # physical packages are located here # install -d dists/unstable/main/binary-i386 # ls -1 pool | sed 's/_.*$/ priority section/' | uniq > override # editor override # adjust priority and section # dpkg-scanpackages pool override /usr/local/ \ > dists/unstable/main/binary-i386/Packages # cat > dists/unstable/main/Release << EOF Archive: unstable Version: 3.0 Component: main Origin: Local Label: Local Architecture: i386 EOF # echo "deb file:/usr/local unstable main" \ >> /etc/apt/sources.list
Alternatively, a quick-and-dirty local deb repository can be made:
# aptitude install dpkg-dev # mkdir /usr/local/debian # mv /some/where/package.deb /usr/local/debian # dpkg-scanpackages /usr/local/debian /dev/null | \ gzip - > /usr/local/debian/Packages.gz # echo "deb file:/usr/local/debian ./" >> /etc/apt/sources.list
These archives can be remotely accessed by providing access to these
directories through either HTTP or FTP methods and changing entries in
/etc/apt/sources.list
accordingly.
alien
enables the conversion of binary packages provided in Red
Hat rpm, Stampede slp, Slackware tgz,
and Solaris pkg file formats into a Debian deb
package. If you want to use a package from another Linux distribution than the
one you have installed on your system, you can use alien
to
convert it to your preferred package format and install it. alien
also supports LSB packages.
auto-apt
is an on-demand package installation tool.
$ sudo auto-apt update ... update database $ auto-apt -x -y run Entering auto-apt mode: /bin/bash Exit the command to leave auto-apt mode. $ less /usr/share/doc/med-bio/copyright # access non-existing file ... Install the package which provide this file. ... Also install dependencies
debsums
enables verification of installed package files against
MD5 checksums. Some packages do not have available MD5 checksums. A possible
temporary fix for sysadmins:
# cat >>/etc/apt/apt.conf.d/90debsums DPkg::Post-Install-Pkgs {"xargs /usr/bin/debsums -sg";}; ^D
per Joerg Wendland joergland@debian.org
(untested).
dpkg-divert
command
File diversions are a way of forcing dpkg
not to
install a file into its default location, but to a diverted
location. Diversions can be used through the Debian package scripts to move a
file away when it causes a conflict. System administrators can also use a
diversion to override a package's configuration file, or whenever some files
(which aren't marked as conffiles) need to be preserved by dpkg
,
when installing a newer version of a package which contains those files.
# dpkg-divert [--add] filename # add "diversion" # dpkg-divert --remove filename # remove "diversion"
It's usually a good idea not to use dpkg-divert
unless it is
absolutely necessary.
equivs
packageIf you compile a program from source, it is best to make it into a real local debianized package (*.deb). Use equivs as a last resort.
Package: equivs Priority: extra Section: admin Description: Circumventing Debian package dependencies This is a dummy package which can be used to create Debian packages, which only contain dependency information.
To make the command vi
run vim
, use
update-alternatives
:
# update-alternatives --display vi ... # update-alternatives --config vi Selection Command ----------------------------------------------- 1 /usr/bin/elvis-tiny 2 /usr/bin/vim *+ 3 /usr/bin/nvi Enter to keep the default[*], or type selection number: 2
Items in the Debian alternatives system are kept in
/etc/alternatives/
as symlinks.
To set your favorite X Window environment, apply
update-alternatives
to /usr/bin/x-session-manager
and
/usr/bin/x-window-manager
.
/bin/sh
is a direct symlink to /bin/bash
or
/bin/dash
. It's safer to use /bin/bash
to be
compatible with old Bashism-contaminated scripts but better discipline to use
/bin/dash
to enforce POSIX compliance. Upgrading to a 2.4 Linux
kernel tends to set this to /bin/dash
.
When installed, most Debian packages configure their services to run in
runlevels 2 through 5. Thus, there are no differences between runlevels 2, 3,
4 and 5 on a Debian system that has not been customized; Debian leaves it up to
the local administrator to customize runlevels. This differs from the way
runlevels are used by some other popular GNU/Linux distributions. One change
you may want to make is to disable xdm
or gdm
in
runlevel 2 so that the X display manager is not started at the end of the boot
sequence; you can then start it by switching to runlevel 3.
Debian developers take system security seriously. Many daemon services are installed with the fewest services and features enabled.
Run ps aux or check the contents of /etc/init.d/*
and
/etc/inetd.conf
, if you have any doubts (about Exim, DHCP, ...).
Also check /etc/hosts.deny
. The pidof
command is
also useful (see pidof(8)
).
X11 doesn't allow TCP/IP (remote) connections by default in recent versions of Debian. X forwarding in SSH is also disabled.
[ previous ] [ Contents ] [ 1 ] [ 2 ] [ 3 ] [ A ] [ next ]
Debian Quick Reference
CVS, Thu Jan 18 11:54:29 UTC 2007osamu#at#debian.org