[ previous ] [ Contents ] [ 1 ] [ 2 ] [ 3 ] [ A ] [ next ]
aptitude is now the preferred text front end for APT, the Advanced
Package Tool. It remembers which packages you deliberately installed and which
packages were pulled in through dependencies; the latter packages are
automatically de-installed by aptitude when they are no longer
needed by any deliberately installed packages. It has advanced
package-filtering features but these can be difficult to configure.
synaptic is now the preferred Gtk GUI front end for APT. Its
package filtering capability is easier to use than aptitude's. It
also has experimental support for Debian Package Tags.
To reduce the network load on the Debian repositories and to speed up your downloads you should get packages from Debian mirror sites.
If you need to install the same package on several machines on your local
network then you can set up a local HTTP proxy using squid for
packages downloaded through APT. If necessary, set the http_proxy
environment variable or set the http value in
/etc/apt/apt.conf.
Although APT's pinning feature, described in apt_preferences(5),
is powerful, its effects can be difficult to understand and manage. You should
consider it an Advanced Feature.
The use of chroot is desirable for simultaneously securing both system stability and access to the latest versions of software.
This chapter is based on a post-Woody system. Some features may require a Sarge system or later.
If reading all the developer documentation is too much for you, read this chapter first and start enjoying the full power of Debian with testing/unstable :-)
dpkg – Debian package file installer
apt-get – Command line front end for APT
aptitude – Advanced text and command line front end for APT
synaptic – Gtk GUI front end for APT
dselect – Menu-driven package manager
tasksel – Task installer
These tools aren't all alternatives to one another. For example,
dselect uses both APT and dpkg.
APT uses /var/lib/apt/lists/* for tracking available packages
while dpkg uses /var/lib/dpkg/available. If you have
installed packages using aptitude or other APT front ends and you
want to use dselect to install packages then the first thing you
should do is update /var/lib/dpkg/available by selecting
[U]pdate from dselect's menu (or by running
"dselect update").
apt-get automatically installs all packages upon which a requested
package Depends. It does not install the packages that a requested package
merely Recommends or Suggests.
aptitude, in contrast, can be configured to install packages that
a requested package Recommends or Suggests.
dselect presents the user with a list of packages that a selected
package Recommends or Suggests and allows these to be selected or deselected
individually.
dpkg-reconfigure - reconfigure an already installed package
(if it uses debconf)
dpkg-source - manage source package file
dpkg-buildpackage - automate the building of a package file
apt-cache - check package archive in local cache
Set up sources.list as described in Preparing for upgrade, Section
2.2. [1]
You can install sets of packages typically required in order to put a Debian system to a certain use. These sets of packages are called "tasks".
The simplest way to install tasks at the time of initial installation is to use
tasksel. Note that you must run
dselect update
before using it.
aptitude can also install tasks and is the tool recommended for
this purpose. It enables you to deselect individual packages within tasks
before proceeding to the installation step.
aptitude
aptitude is a new menu-driven package installer similar to
dselect but built from scratch on top of APT. It can be used as
an alternative to apt-get for most commands. See
aptitude(1) and /usr/share/doc/aptitude/README.
Once you start using aptitude it is best to continue using it
rather than alternative methods of installing packages; otherwise you lose the
advantage of aptitude keeping track of which packages you have
deliberately installed.
aptitude in full screen mode accepts single-key commands which are
usually lowercase. Notable key strokes are:
Keystroke Action
F10 Menu
? Help for keystroke (complete listing)
u Update package archive information
+ Mark the package to be upgraded or newly installed
- Mark the package to be removed (keep config)
_ Mark the package to be purged (remove config)
= Place the package on hold
U Mark all upgradable packages to be upgraded
g Download and install selected packages
q Quit current screen and save changes
x Quit current screen and discard changes
Enter View information about a package
C View a package's changelog
l Change the limit for the displayed packages
/ Search for the first match
\ Repeat the last search
Like apt-get, aptitude installs packages upon which a
selected package Depends. aptitude also offers the option to pull
in packages that a to-be-installed package Recommends or Suggests. You can
change the default behavior by choosing F10 -> Options ->
Dependency handling in its menu.
Other advantages of aptitude are:
aptitude offers access to all versions of a package.
aptitude logs its actions in /var/log/aptitude.
aptitude makes it easy to keep track of obsolete software by
listing under "Obsolete and Locally Created Packages".
aptitude includes a fairly powerful system for searching
particular packages and limiting the package display. Users familiar with
mutt will pick up quickly, as mutt was the inspiration for the
expression syntax. See "SEARCHING, LIMITING, AND EXPRESSIONS" in
/usr/share/doc/aptitude/README.
aptitude in full screen mode has su functionality
embedded and can be run from normal user until you really need administrative
privileges.
dselect
In stable releases up to and including Potato, dselect was the
principal package maintenance tool. For Sarge, you should consider using
aptitude instead.
When started, dselect automatically selects all
"Required", "Important", and "Standard" packages.
dselect has a somewhat strange user interface. Most people get
used to it, however. It has four commands (Capital means CAPITAL!):
Key-stroke Action
Q Quit. Confirm current selection and quit anyway.
(override dependencies)
R Revert! I did not mean it.
D Damn it! I do not care what dselect thinks. Just Do it!
U Set all to sUggested state
With D and Q, you can select conflicting selections at your own risk. Handle these commands with care.
Add a line containing the option "expert" in
/etc/dpkg/dselect.cfg to reduce noise.
If your machine runs dselect slowly then you might consider
running dselect on another (faster) machine in order to determine
the packages you want to install, then use apt-get install on the
slow machine to install them.
To track the testing distribution as it changes, make your
/etc/apt/preferences file look like this:
Package: *
Pin: release a=testing
Pin-Priority: 800
Package: *
Pin: release a=stable
Pin-Priority: 600
Note that tracking the testing distribution can have the side effect of delaying the installation of packages containing security fixes. Such packages are uploaded to unstable and migrate to testing only after a delay.
See apt_preferences(5) for more complicated examples which will
allow you, for example, to track testing while installing selected
packages from unstable.
Examples which lock particular packages at particular versions while tracking
other packages as they are released are available in the examples subdirectory as
preferences.testing and preferences.unstable.
If you mix distributions, e.g., testing with stable
or unstable with stable, you will eventually pull in
core packages such as libc6 from testing or
unstable and there is no guarantee that these will not contain
bugs. You have been warned.
Another example, preferences.stable, forces all packages to be
downgraded to stable.
Downgrading from a later release of a package to an earlier
one is not officially supported in Debian. However, you may find that you have
to downgrade a specific package in order to re-install a version of a package
that works when a new version malfunctions. You may find these previous
package files locally in /var/cache/apt/archives/ or remotely at
http://snapshot.debian.net/. See
also Rescue using dpkg, Section
3.3.3.
Downgrading from a later release of a distribution to an earlier one is not officially supported either and is very likely to cause problems. However, this may be worth trying as a last resort if you are desperate.
aptitude, apt-get and apt-cache commandsWhile tracking testing as described in the above example you can manage the system by using the following commands:
aptitude update (or apt-get update)
These update the list of available packages at the repositories.
aptitude upgrade (or apt-get upgrade or aptitude dist-upgrade or apt-get dist-upgrade)
These track the testing distribution — they upgrade each package on the system, after installing versions of packages upon which it Depends, from the testing distribution. [2]
apt-get dselect-upgrade
This tracks the testing distribution — it upgrades each
package on the system according to the selections of dselect.
aptitude install package/unstable
This installs package from the unstable distribution while installing its dependencies from the testing distribution.
aptitude install -t unstable package
This installs package from the unstable distribution while installing its dependencies also from the unstable distribution by setting the Pin-Priority of unstable to 990.
apt-cache policy foo bar ...
This checks the status of packages foo bar ....
aptitude show foo bar ... | less (or apt-cache show foo bar ... | less)
This checks the information for packages foo bar ....
aptitude install foo=2.2.4-1
This installs the particular version 2.2.4-1 of the foo package.
aptitude install foo bar-
This installs the foo package and removes the bar package
aptitude remove bar
This removes the bar package but not its configuration files.
aptitude purge bar
This removes the bar package together with all its configuration files.
In the above examples, giving apt-get the -u option
causes it to print a list of all packages that are to be upgraded and to prompt
the user before taking action. aptitude does this by default.
The following makes apt-get always do this:
$ cat >> /etc/apt/apt.conf << .
// Always show packages to be upgraded (-u)
APT::Get::Show-Upgraded "true";
.
Use the --no-act option to simulate actions without actually installing, removing, etc., any packages.
With this knowledge you can live the life of eternal upgrade :-)
If you are experiencing problems with a specific package, make sure to check
out these sites first before you seek help or file a bug report.
(lynx, links, and w3m work equally
well):
$ lynx http://bugs.debian.org/
$ lynx http://bugs.debian.org/package-name # if you know package name
$ lynx http://bugs.debian.org/bugnumber # if you know bug number
Search Google (www.google.com) with search words including "site:debian.org".
When in doubt, read the fine manual. Set CDPATH as follows:
export CDPATH=.:/usr/local:/usr/share/doc
and type
$ cd packagename
$ pager README.Debian # if this exists
$ mc
Package dependency problems may occur when upgrading in unstable or testing as described in Upgrading, Section 2.3. Most of the time this is because a package that will be upgraded Depends on a package that is not yet available. These problems are fixed by using
# aptitude dist-upgrade
If this does not work, then repeat one of the following until the problem resolves itself:
# aptitude -f upgrade # continue upgrade even after error
... or
# aptitude -f dist-upgrade # continue dist-upgrade even after error
Some really broken upgrade scripts may cause persistent trouble. It is usually
better to resolve this type of situation by inspecting the
/var/lib/dpkg/info/packagename.{post,pre}{inst,rm}
scripts of the offending package and then running:
# dpkg --configure -a # configures all partially installed packages
If a script complains about a missing configuration file, look in
/etc/ for the corresponding configuration file. If one exists
with an extension of .dpkg-new (or something similar),
mv it to remove the suffix.
Package dependency problems may occur when installing in unstable or testing. There are ways to circumvent dependencies.
# aptitude -f install package # override broken dependencies
An alternative method to fix these situations is to use the equivs
package. See /usr/share/doc/equivs/README.Debian.
dpkg
If you reach a dead end using APT you can download package files from Debian
mirrors and install them using dpkg. If you do have not access to
the network you can look for cached copies of package files in
/var/cache/apt/archives/.
# dpkg -i fetchmail_6.2.5-4_i386.deb
If attempting to install a package this way fails due to dependency violations
and you really need to install the package then you can override dependency
checks using dpkg's --ignore-depends,
--force-depends and other options. See dpkg(8) for
details.
If /var/lib/dpkg/status becomes corrupt for any reason, the Debian
system loses package selection data and suffers severely. Look for the old
/var/lib/dpkg/status file at /var/lib/dpkg/status-old
or /var/backups/dpkg.status.*.
Keeping /var/backups/ in a separate partition may be a good idea
since this directory contains lots of important system data.
If no old /var/lib/dpkg/status file is available, you can still
recover information from directories in /usr/share/doc/.
# ls /usr/share/doc | \
grep -v [A-Z] | \
grep -v '^texmf$' | \
grep -v '^debian$' | \
awk '{print $1 " install"}' | \
dpkg --set-selections
# dselect --expert # reinstall system, de-select as needed
/var
Since the /var directory contains regularly updated data such as
mail, it is more susceptible of corruption than, e.g., /usr/.
Putting /var/ on a separate partition reduces risks. If disaster
happens, you may have to rebuild the /var directory to rescue your
Debian system.
Obtain the skeleton content of the /var directory from a minimum
working Debian system based on the same or older Debian version, for example
var.tar.gz
# cd /
# mv var var-old # if any useful contents are left
# tar xvzf var.tar.gz # use Woody skeleton file
# aptitude # or dselect
This should provide a working system. You can expedite the recovery of package selections by using the technique described in Recover package selection data, Section 3.3.4. ([FIXME]: This procedure needs more experiments to verify.)
Boot into Linux using a Debian rescue floppy/CD or an alternative partition in
a multiboot Linux system. Mount the unbootable system on /target
and use the chroot install mode of dpkg.
# dpkg --root /target -i packagefile.deb
Then configure and fix problems.
By the way, if a broken lilo is all that prevents booting, you can
boot using a standard Debian rescue disk. At boot prompt, assuming the root
partition of your Linux installation is in /dev/hda12 and you want
runlevel 3, enter:
boot: rescue root=/dev/hda12 3
Then you are booted into an almost fully functional system with the kernel on floppy disk. (There may be minor glitches due to lack of kernel features or modules.)
dpkg command is broken
A broken dpkg may make it impossible to install any
.deb files. A procedure like the following will help you recover
from this situation. (In the first line, you can replace "links"
with your favorite browser command.)
$ links http://http.us.debian.org/debian/pool/main/d/dpkg/
... download the good dpkg_version_arch.deb
$ su
password: *****
# ar x dpkg_version_arch.deb
# mv data.tar.gz /data.tar.gz
# cd /
# tar xzfv data.tar.gz
For i386, http://packages.debian.org/dpkg may also be used as the URL.
Enlightenment with these commands will save a person from the eternal karmic struggle of upgrade hell and let him reach Debian nirvana. :-)
To find the package to which a particular filename pattern belongs in the installed packages:
$ dpkg {-S|--search} pattern
Or to find the similar in the Debian archive:
$ wget http://ftp.us.debian.org/debian/dists/sarge/Contents-i386.gz
$ zgrep -e pattern Contents-i386.gz
Or use specialized package commands:
# aptitude install dlocate
$ dlocate filename # fast alternative to dpkg -L and dpkg -S
...
# aptitude install auto-apt # on-demand package installation tool
# auto-apt update # create db file for auto-apt
$ auto-apt search pattern
# search for pattern in all packages, installed or not
Search and display information from package archives. Make sure to point APT
to the proper archive(s) by editing /etc/apt/sources.list. If you
want to see how packages in testing/unstable do
against the currently installed one, use apt-cache
policy—quite nice.
# apt-get check # update cache and check for broken packages
$ apt-cache search pattern # search package from text description
$ apt-cache policy package # package priority/dists information
$ apt-cache show -a package # show description of package in all dists
$ apt-cache showsrc package # show description of matching source package
$ apt-cache showpkg package # package information for debugging
# dpkg --audit|-C # search for partially installed packages
$ dpkg {-s|--status} package ... # description of installed package
$ dpkg -l package ... # status of installed package (1 line each)
$ dpkg -L package ... # list filenames installed by the package
apt-cache showsrc is not documented as of the Woody release but works :)
You can also find package information in (I use mc to browse these):
/var/lib/apt/lists/*
/var/lib/dpkg/available
The comparison of the following files provides information on what exactly has happened in the last few install sessions.
/var/lib/dpkg/status
/var/backups/dpkg.status*
For an unattended installation, add the following line in
/etc/apt/apt.conf:
Dpkg::Options {"--force-confold";}
This equivalent to running aptitude -y install
packagename or apt-get -q -y install
packagename. Because this automatically answers
"yes" to all prompts, it may cause problems, so use this trick with
care. See apt.conf(5) and dpkg(1).
You can configure any particular packages later by following Reconfigure installed packages, Section 3.4.4.
Use the following to reconfigure any already-installed package.
# dpkg-reconfigure --priority=medium package [...]
# dpkg-reconfigure --all # reconfigure all packages
# dpkg-reconfigure locales # generate any extra locales
# dpkg-reconfigure --p=low xserver-xfree86 # reconfigure X server
Do this for debconf if you need to change the debconf
dialog mode permanently.
Some programs come with special configuration scripts. [3]
apt-setup - create /etc/apt/sources.list
install-mbr - install a Master Boot Record manager
tzconfig - set the local time zone
gpmconfig - set gpm mouse daemon
eximconfig - configure Exim (MTA)
texconfig - configure teTeX
apacheconfig - configure Apache (httpd)
cvsconfig - configure CVS
sndconfig - configure sound system
...
update-alternatives - set default command, e.g., vim as vi
update-rc.d - System-V init script management
update-menus - Debian menu system
...
Remove a package while maintaining its configuration:
# aptitude remove package ...
# dpkg --remove package ...
Remove a package and all configuration:
# aptitude purge package ...
# dpkg --purge package ...
For example, holding of libc6 and libc6-dev for
dselect and aptitude install package can
be done as follows:
# echo -e "libc6 hold\nlibc6-dev hold" | dpkg --set-selections
aptitude install package will not be hindered by this
"hold". To hold a package through forcing automatic downgrade for
aptitude upgrade package or aptitude
dist-upgrade, add the following to /etc/apt/preferences:
Package: libc6
Pin: release a=stable
Pin-Priority: 2000
Here the "Package:" entry cannot use entries such as
"libc6*". If you need to keep all binary packages
related to the glibc source package in a synchronized version, you
need to list them explicitly.
The following will list packages on hold:
dpkg --get-selections "*"|grep -e "hold$"
apt-show-versions can list available package versions by
distribution.
$ apt-show-versions | fgrep /testing | wc
... how many packages you have from testing
$ apt-show-versions -u
... list of upgradeable packages
$ aptitude install `apt-show-versions -u -b | fgrep /unstable`
... upgrade all unstable packages to their newest versions
Package installation with APT leaves cached package files in
/var/cache/apt/archives/ and these need to be cleaned.
# aptitude autoclean # removes only useless package files
# aptitude clean # removes all cached package files
To make a local copy of the package selection states:
# dpkg --get-selections "*" >myselections # or use \*
# debconf-get-selections > debconfsel.txt
"*" makes myselections include package entries for "purge" too.
You can transfer this file to another computer, and install it there with:
# dselect update
# debconf-set-selections < debconfsel.txt
# dpkg --set-selections <myselections
# apt-get -u dselect-upgrade # or dselect install
For partial upgrades of the stable system, rebuilding a package
within its environment using the source package is desirable. This avoids
massive package upgrades due to their dependencies. First, add the following
entries to /etc/apt/sources.list:
deb-src http://http.us.debian.org/debian testing \
main contrib non-free
deb-src http://http.us.debian.org/debian unstable \
main contrib non-free
Here each entry for deb-src is broken into two lines because of
printing constraints, but the actual entry in sources.list should
consist of a single line.
Then get the source and make a local package:
$ apt-get update # update the source package search list
$ apt-get source package
$ dpkg-source -x package.dsc
$ cd package-version
... inspect required packages (Build-Depends in .dsc file) and
install them too. You need the "fakeroot" package also.
$ dpkg-buildpackage -rfakeroot
...or (no sig)
$ dpkg-buildpackage -rfakeroot -us -uc # use "debsign" later if needed
...Then to install
$ su -c "dpkg -i packagefile.deb"
Usually, one needs to install a few packages with the "-dev" suffix
to satisfy package dependencies. debsign is in the
devscripts package. auto-apt may ease satisfying
these dependencies. Use of fakeroot avoids unnecessary use of the
root account.
In Woody, these dependency issues can be simplified. For example, to compile a
source-only pine package:
# apt-get build-dep pine
# apt-get source -b pine
In order to create a local package archive which is compatible with APT and the
dselect system, Packages needs to be created and
package files need to be populated in a particular directory tree.
A local deb repository similar to an official Debian archive can be made in this way:
# aptitude install dpkg-dev
# cd /usr/local
# install -d pool # physical packages are located here
# install -d dists/unstable/main/binary-i386
# ls -1 pool | sed 's/_.*$/ priority section/' | uniq > override
# editor override # adjust priority and section
# dpkg-scanpackages pool override /usr/local/ \
> dists/unstable/main/binary-i386/Packages
# cat > dists/unstable/main/Release << EOF
Archive: unstable
Version: 3.0
Component: main
Origin: Local
Label: Local
Architecture: i386
EOF
# echo "deb file:/usr/local unstable main" \
>> /etc/apt/sources.list
Alternatively, a quick-and-dirty local deb repository can be made:
# aptitude install dpkg-dev
# mkdir /usr/local/debian
# mv /some/where/package.deb /usr/local/debian
# dpkg-scanpackages /usr/local/debian /dev/null | \
gzip - > /usr/local/debian/Packages.gz
# echo "deb file:/usr/local/debian ./" >> /etc/apt/sources.list
These archives can be remotely accessed by providing access to these
directories through either HTTP or FTP methods and changing entries in
/etc/apt/sources.list accordingly.
alien enables the conversion of binary packages provided in Red
Hat rpm, Stampede slp, Slackware tgz,
and Solaris pkg file formats into a Debian deb
package. If you want to use a package from another Linux distribution than the
one you have installed on your system, you can use alien to
convert it to your preferred package format and install it. alien
also supports LSB packages.
auto-apt is an on-demand package installation tool.
$ sudo auto-apt update
... update database
$ auto-apt -x -y run
Entering auto-apt mode: /bin/bash
Exit the command to leave auto-apt mode.
$ less /usr/share/doc/med-bio/copyright # access non-existing file
... Install the package which provide this file.
... Also install dependencies
debsums enables verification of installed package files against
MD5 checksums. Some packages do not have available MD5 checksums. A possible
temporary fix for sysadmins:
# cat >>/etc/apt/apt.conf.d/90debsums
DPkg::Post-Install-Pkgs {"xargs /usr/bin/debsums -sg";};
^D
per Joerg Wendland joergland@debian.org (untested).
dpkg-divert command
File diversions are a way of forcing dpkg not to
install a file into its default location, but to a diverted
location. Diversions can be used through the Debian package scripts to move a
file away when it causes a conflict. System administrators can also use a
diversion to override a package's configuration file, or whenever some files
(which aren't marked as conffiles) need to be preserved by dpkg,
when installing a newer version of a package which contains those files.
# dpkg-divert [--add] filename # add "diversion"
# dpkg-divert --remove filename # remove "diversion"
It's usually a good idea not to use dpkg-divert unless it is
absolutely necessary.
equivs packageIf you compile a program from source, it is best to make it into a real local debianized package (*.deb). Use equivs as a last resort.
Package: equivs
Priority: extra
Section: admin
Description: Circumventing Debian package dependencies
This is a dummy package which can be used to create Debian
packages, which only contain dependency information.
To make the command vi run vim, use
update-alternatives:
# update-alternatives --display vi
...
# update-alternatives --config vi
Selection Command
-----------------------------------------------
1 /usr/bin/elvis-tiny
2 /usr/bin/vim
*+ 3 /usr/bin/nvi
Enter to keep the default[*], or type selection number: 2
Items in the Debian alternatives system are kept in
/etc/alternatives/ as symlinks.
To set your favorite X Window environment, apply
update-alternatives to /usr/bin/x-session-manager and
/usr/bin/x-window-manager.
/bin/sh is a direct symlink to /bin/bash or
/bin/dash. It's safer to use /bin/bash to be
compatible with old Bashism-contaminated scripts but better discipline to use
/bin/dash to enforce POSIX compliance. Upgrading to a 2.4 Linux
kernel tends to set this to /bin/dash.
When installed, most Debian packages configure their services to run in
runlevels 2 through 5. Thus, there are no differences between runlevels 2, 3,
4 and 5 on a Debian system that has not been customized; Debian leaves it up to
the local administrator to customize runlevels. This differs from the way
runlevels are used by some other popular GNU/Linux distributions. One change
you may want to make is to disable xdm or gdm in
runlevel 2 so that the X display manager is not started at the end of the boot
sequence; you can then start it by switching to runlevel 3.
Debian developers take system security seriously. Many daemon services are installed with the fewest services and features enabled.
Run ps aux or check the contents of /etc/init.d/* and
/etc/inetd.conf, if you have any doubts (about Exim, DHCP, ...).
Also check /etc/hosts.deny. The pidof command is
also useful (see pidof(8)).
X11 doesn't allow TCP/IP (remote) connections by default in recent versions of Debian. X forwarding in SSH is also disabled.
[ previous ] [ Contents ] [ 1 ] [ 2 ] [ 3 ] [ A ] [ next ]
Debian Quick Reference
CVS, Thu Jan 18 11:54:29 UTC 2007osamu#at#debian.org