Apt-get. Package management in Ubuntu

Due to the fact that some comrades do not understand what apt and dpkg are. I decided to create another post about these utilities.

APT and everything, everything, everything. Exploring the capabilities of the APT package manager and related programs

Debian brought a lot of positive innovations to the Linux world, many of which were adopted by other distributions. The most significant improvement to Debian was the APT package management system; after its release, all other distributions turned into outdated trash. Today, APT is complex, smart, flexible and hides many secrets from the uninitiated Linux user.

Advanced package management system

APT (Advanced Packaging Tool) itself is not a package management system in the truest sense of the word. All actions for unpacking, registering in the system and viewing the package database are performed by the dpkg package utilities, while the APT utilities are a wrapper that is used to search for packages, check checksums, download from the repository, resolve dependencies, as well as a number of other actions .

APT includes the following set of utilities:

apt package utilities

apt-cache - manipulates the cache of available packages, commonly used
to search for a package and/or get information about it

apt-cdrom - allows you to add a CD/DVD as a package source (repository)

apt-config - reads the values ​​of options specified in the configuration
file /etc/apt/apt.conf, used by other APT utilities

apt-extracttemplates - extracts DebConf configuration files
from packages, used by other APT utilities

apt-ftparchive - creates index files

apt-get - installs, removes, updates package list
and the packages themselves, the central APT utility

apt-key - manages authentication keys used for verification
authenticity of package sources

apt-secure - checks authenticity digital signature apt packages included
included in the distribution and repositories

apt-sortpkgs - sorts index files

The utilities rely on the following configuration files:

APT configuration files

/etc/apt/sources.list - list of package sources (repositories)
/etc/apt/apt.conf - main APT configuration file
/etc/apt/preferences - preference file, controls which version of the package will be
installed if there are several versions in the repository at once

APT is simple and straightforward to use; the average user usually only needs the six commands below:

Basic APT Commands

apt-cache search mask - package search
apt-cache show package - view package information
apt-get install package - installing a package
apt-get remove package - remove a package
apt-get update - update the cache of available packages
apt-get upgrade - update all packages

The last two commands are usually run one after the other, which will reinstall all packages for which new versions are available in the repository. If you need to update only the specified package, then after “apt-get update” you should run the command “apt-get install package”.

The Ubuntu distribution makes the process of “communicating” with APT utilities even simpler and reduces it to clicking on the checkboxes of the graphical interface. It has its own, extremely simple, package manager (that’s called “Package Manager”), launched via cron. Updates Manager, a graphical installer for manually downloaded GDebi deb packages and a more powerful graphical add-on for Synaptic APT utilities.

Meanwhile, APT is much more complex and flexible than it might seem at first glance. Therefore, in the following sections we will look at several not entirely typical methods of using it.

Third Party Package Sources

In addition to the main repository, which contains all the packages from the distribution's developers, there are a lot of other package sources that may contain third-party software that is not available from the official repository, provide more recent versions of it, or simply be a faster mirror. The repository can be either a regular directory on your hard drive or a CD.

To teach APT to work with third-party repositories, just follow four simple steps:

The uri field is the repository address, which in most cases is an HTTP address, but can also be a link to a local repository (file:/root/repository), the address of a repository on an FTP or SSH server. The "distribution" field indicates the name of the distribution for which the packages are collected. For Debian, the name can be one of stable, oldstable, unstable, testing, while in the case of Ubuntu, you should only indicate the specific name of the distribution (for example, jaunty), as well as various designations based on it (for example, jaunty-updates, jaunty- backports, jaunty-security). It must be said that APT is not at all against mixing packages from different distributions on one system, but in this case only you will be responsible for the consequences. The component is usually named main, contrib or non-free for Debian and main, universe, multiverse, partner and restricted for Ubuntu. These are all names of different package repositories, which are separated only to separate packages based on some criteria. For example, main are packages collected by a group of Ubuntu/Debian developers; there are certain guarantees for the quality of the software contained in them, including timely updates and bugfixes, while contrib and universe are third-party software that you install at your own risk. risk.

2. Add to apt keyring the public key of the repository, used to verify its authenticity and reliability. The key can be obtained by any means and added by running the command “apt-key add key”, but this method is rarely practiced due to its inconvenience. In the vast majority of cases you will be dealing with a team

sudo apt-key adv --keyserver certificate-server --recv-keys key-id
which requests the key directly from the certification server (for Ubuntu this is keyserver.ubuntu.com). This is how most third-party developers distribute their software for Debian/Ubuntu distributions (while others simply post packages and their checksums). For example, by going to the page of the project you are interested in on launchpad.net hosting and clicking on the link “Technical details about this PPA”, you will see a line that needs to be added to /etc/apt/sources.list, in “Signing key:” will be indicated Key ID.

3. Update the cache of available packages:

sudo apt-get update
4. Install the package using the command “apt-get install package”.

Many developers put a link to the repository and its key ID directly in the deb package, so after downloading the package, installing it and running the command “apt-get update && apt-get upgrade” the packages will be updated along with their brothers listed in the sources.list. In particular, this is how Opera browsers and the alpha release of Google Chrome are distributed.

A repository located on a CD is much easier to add to sources.list. There is a special command for this, apt-cdrom. You simply insert the CD into the drive and run the command:

sudo apt-cdrom add

Tricks and unusual situations

APT is APT, it is convenient and simple, but sometimes you cannot do without tricks, the most useful of which you will learn from this section.

1. By default, the "apt-get remove" command removes a package completely only if none of its files have been modified since installation, otherwise the modified files remain untouched. Naturally, configuration files almost always change, so apt-get leaves behind a bunch of garbage that you have to clean up manually. The command "apt-get purge" instead of "apt-get remove" solves this problem.

2. Those who like to tinker with the system, as well as system administrators whose servers have been hacked, will most likely want to return the packages to the initial state in which they were before the manipulation. The command will help with this:

sudo apt-get install --reinstall package
3. Lower-level deb package management utilities (such as dselect and dpkg) maintain a special list of package states that can be used to control which packages should be installed or removed in batch mode (this is how dselect + dpkg works). It can also be used for many other purposes, for example, to transfer the system configuration to another machine. Run the following command:

dpkg --get-selections > file
Transfer the file to another machine and run two commands on it:

cat file > dpkg --set-selections
apt-get dselect-upgrade

All packages of the source system will be added to the system. To make the package state file also contain information about which packages should be removed from the system, add a "\*" character after the "--get-selections" argument. The status list does not contain package versions; this can be used after installing a newer version of the distribution to bring it to the required state.

4. You manually applied a patch to a file of one of the system packages and do not want this package to be updated (with the destruction of all your changes) after calling “apt-get upgrade”. In this case, the list of states will again come to your aid. The package may be frozen, causing apt-get to refuse to update it and skip it:

echo -e "coreutils hold" | dpkg --set-selections
You can force a package update by specifying the "-u" flag when calling apt-get.

5. Like any system with network functionality, APT allows you to use a proxy to access repositories. To enable this feature, add the following line to the /etc/apt/apt.conf file:

Acquire::http::Proxy "http://xxx.xxx.xx:yyyy"

Where xxx.xxx.xx is the name of your proxy, yyyy is the port.

6. Typically, APT utilities request the newest version of a package from all that are in its cache, so if you added various experimental and unstable repositories to sources.list, then after updating you will receive a distribution consisting exclusively of experimental or unstable packages, and a bunch of problems caused by this state of affairs. However, the situation can be easily resolved by placing the following line in /etc/apt/apt.conf:

APT::Default-Release "release";

Where release is oldstable, stable, unstable, testing or experimental for Debian or the release name for Ubuntu. Now, if you need to install a package from the specified distribution, just write its name after the "-t" argument when calling apt-get:

sudo apt-get -t unstable install package
7. All received apt-get deb packages are stored in the /var/cache/apt/archives directory, which means that if you reinstall the system, you can copy the contents of the directory to another disk/partition, and then restore it and save time/ package installation traffic. Besides, this is essentially a snapshot of your installed system(that part of it that you installed yourself), which can be attributed to a friend (together with the list of states described in the third paragraph) or, if not needed, deleted to free up space.

8. The deleted system snapshot described in the previous paragraph can be easily restored using the design below:

sudo dpkg --get-selections | grep -v "deinstall" | \
awk "(print $1)" | xargs dpkg-repack

9. In addition to binary packages, the Debian/Ubuntu repositories also contain application source packages that can be obtained and built using the following command:

sudo apt-get -b source packagename

Third party utilities

The APT system has come a long way, so in addition to the official utilities included in the apt package, the Debian and Ubuntu repositories are replete with third party utilities, which can be used to perform some non-standard tasks.
The most useful of them is called apt-file and is necessary, as you might guess from the name, to determine whether a particular file belongs to a specific package. Install:

sudo apt-get install apt-file
We ask apt-file to create a cache of all files installed in the package system (it will be searched):

apt-file search /usr/bin/apt-get
apt: /usr/bin/apt-get

We request a list of all package files:

apt-file list apt

A simple utility called apt-show-versions will show you which packages can be upgraded, including versions and other details. Run it with the "-u" flag to get a list of only the packages to be updated (instead of a list of all packages).

If you installed a large number of various packages and now you want to get rid of unnecessary trash, then the deborphan utility will help in this matter, which searches for unused packages and orphaned dependencies. Just run deborphan without any arguments, and you will see a list of packages, which you can immediately pass as input to the “apt-get remove” command, or simply run the following command:

sudo apt-get remove `deborphan`

By default, deborphan only processes packages containing libraries, but this behavior can be changed by adding the "-a" flag to the command invocation:

You should not immediately rush to remove the packages shown by the utility, because even the most powerful heuristic algorithm is not able to determine your personal needs. So, the program showed me the packages google-chrome, inkscape and even xorg.

The apt-move utility will allow you to create a local repository. Install the program, open the /etc/apt-move.conf file, specify in the LOCALDIR option the path to the directory in which the repository should be located, and run the command:

sudo apt-move update

As a result, all packages downloaded from the Internet using apt-get (directory /var/cache/apt/archives) will be moved to the directory specified in the config, for which an index file will be created. This convenient way creating an intranet repository for those cases when a lot of identical packages need to be installed on many machines.

To create a local repository, it is also very convenient to use the apt-proxy server, which allows you to cache deb packages downloaded from the repository on the server side. To do this, apt-proxy is installed on a dedicated machine (possibly a gateway), and the sources.list of clients is modified so that the address of this machine is specified as the uri field of all repositories. As a result, all requests for deb packages are redirected to apt-proxy, which requests the package from the head repository and stores it in its cache, and the response to all subsequent requests for this package will be returned from the cache.

First, install apt-proxy on a dedicated machine:

sudo apt-get install apt-proxy

Next, open the file /etc/apt-proxy/apt-proxy-v2.conf, go to the section and replace the value of the address option with the IP address of the machine, and also describe the packet sources used by apt-proxy, for example:

sudo vi /etc/apt-proxy/apt-proxy-v2.conf

backends = http://ru.archive.ubuntu.com/ubuntu/
min_refresh_delay = 1d

backends = http://security.ubuntu.com/ubuntu/
min_refresh_delay = 1d

Usually these two addresses are enough to cover the entire range of packages provided by Ubuntu developers. Restart apt-proxy:

sudo invoke-rc.d apt-proxy restart

To switch clients to using apt-proxy, take the standard Ubuntu sources.list, replace all real uri fields with “http://IP-address-apt-proxy:9999/ubuntu/” and copy this file to each client.

There are many other, less interesting utilities that work in conjunction with APT. For example, apt-dater allows you to update packages on a large number of remote nodes using a pseudo-graphical interface. The aptsh program implements a sh-like command interface on top of the apt package commands, aptfs is a virtual file system for managing APT. The debdelta utility, which allows you to update packages by downloading their deltas from the Internet, could be the topic of a separate article if there were at least one timely updated repository for it.

Aptitude

The apt-get utility and its relatives are not the only APT implementation available. An even more powerful, convenient and versatile alternative to them is called aptitude and is a concentrated functionality of apt-get, apt-cache and dselect in one place.
Aptitude allows you to install/uninstall, search, update, and do a lot of other things with packages using two types of interface: command mode, similar to apt-get and apt-cache, and a mode with a pseudo-graphical interface, externally reminiscent of the dselect interface, but much more convenient and functional.

In command line mode, aptitude can be used to do things like:

aptitude install - package installation

aptitude remove - remove package and orphaned dependencies

aptitude purge - remove package, orphaned dependencies
and the remaining configuration files after them

aptitude search - search for a package in the cache (list of available packages)

aptitude update - cache update

aptitude safe-upgrade - update packages

aptitude clean - remove previously downloaded packages

aptitude full-upgrade - update packages,
even if this action requires removing any packages

aptitude show - package information

aptitude autoclean - remove outdated packages

aptitude hold - setting a ban on updating a package

The interactive mode, available when running aptitude without arguments, allows you to perform all the same actions using a pseudo-graphical interface built on the ncurses library. It works in batch mode (select packages - start the installation process), so it will be convenient in cases where you need to install a large number of packages.

Easter eggs

The developers of the APT utilities turned out to be guys with a somewhat twisted sense of humor. Just look at the result of the following command:

sudo apt-get moo
What looks even wilder is what the creators of aptitude built into their program. Try:

sudo aptitude moo
A sort of Easter egg without easter egg. OK:

sudo aptitude -v moo
sudo aptitude -vv moo
sudo aptitude -vvv moo
sudo aptitude -vvvv moo
sudo aptitude -vvvvv moo

And the final chord:

sudo aptitude -vvvvvv moo

Useful apt-cache commands

apt-cache show package - detailed information about the package
apt-cache showpkg package - general information about the package
apt-cache depends package - list of package dependencies
apt-cache rdepends package - list of reverse dependencies (who needs the specified package)

APT Dictionary

Package - a program, library, source code or any other files, as well as their metadata, packaged in a specially formed archive.

Repository is a storage place for deb packages.

Available package cache (or simply cache) is a file that caches information about all packages available from the sources listed in /etc/apt/sources.list. The cache is updated every time the "apt-get update" command is called.

Index file - the head file of the repository containing the name, version, size, short and Full description and dependencies for each package. It is named Packages.gz in the case of a binary repository and Sources.gz for a source code repository. Created using the pkg-scanpackages and dpkg-scansources utilities.

Apt keyring (literally: apt key ring) is a repository of keys that authenticate package sources (repositories).

What is inside?

The hallmark of Deb packages is their simplicity. Any Deb package consists of three files: data.tar.gz, control.tar.gz and debian-binary, packed with the ar archiver. The file data.tar.gz is the contents of the package (binaries, man's, documentation, etc.), control.tar.gz is metadata, in the simplest version two files: control, containing a description of the package, dependencies, size, etc. .d., and md5sums are checksums of all package files. The debian-binary file contains the format version of the Deb package (for example, 2.0). To unpack the package, you can use the command:

ar -xv package.deb && tar -xzf data.tar.gz

Advanced Packaging Tool is a high-level tool for working with packages.

Working with packages using dpkg.

dpkg is the main program on the system for working with Debian packages. If there are .deb packages, it is dpkg that allows you to install them or analyze their contents. However, this program has only a partial view of the Debian world: it knows what is installed on the system, as well as everything passed to it on the command line, but it knows nothing about other available packages. Therefore, it will fail if it encounters an unsatisfied dependency. Tools like apt, on the other hand, will automatically create a list of dependencies so that everything can be installed as automatically as possible.

dpkg or apt?

dpkg should be considered as a low-level tool (engine), and apt as a tool closer to the user, bypassing the limitations of the first. These tools work together, each with its own specifics, tailored for a specific range of tasks.

Installing packages

dpkg is primarily a tool for installing already available Debian packages (since it doesn't download anything). To install a package, use the -i or --install option.

Installing a package using dpkg

Dpkg -i man-db_2.7.0.2-5_amd64.deb

The man-db package (2.7.0.2-5) is being configured...

We can see every step dpkg executes, so we know where any error might have occurred. The installation can also be done in two stages: first unpacking, then configuration. This makes apt-get make fewer calls to dpkg (each such request is an expensive operation due to the need to load the database into memory, including the entire list of already installed files).

Separate unpacking and setup

Dpkg --unpack man-db_2.7.0.2-5_amd64.deb

(Reading database... on this moment 86425 files and directories installed.)
Preparing to unpack man-db_2.7.0.2-5_amd64.deb ...
Man-db (2.7.0.2-5) is unpacked to replace (2.7.0.2-5) ...
Triggers for mime-support (3.58) are processed...

Dpkg --configure man-db

The man-db package (2.7.0.2-5) is being configured...
Updating database of manual pages ...

Sometimes dpkg, for one reason or another, cannot install a package and returns an error; if the user instructs to ignore this error, only a warning will be issued; There are various --force-* options for this. The dpkg --force-help command, or its documentation, will give a complete list of such options. The most common error that you will sooner or later encounter is a file conflict. When a package contains a file that is already installed by another package, dpkg will refuse to install it and we will receive a message like this:

The libgdm package is unpacked (from the file.../libgdm_3.8.3-2_amd64.deb) ...
dpkg: error processing the parameter /var/cache/apt/archives/libgdm_3.8.3-2_amd64.deb (--unpack):
trying to overwrite "/usr/bin/gdmflexiserver" which is already in package gdm3 3.4.1-9

In this case, if you believe that replacing this file does not pose a significant risk to the stability of your system (this is often the case), you can use the --force-overwrite option, which will tell dpkg to ignore this error and overwrite the file.
Although there are many --force-* options, only --force-overwrite is recommended for regular use. The rest are intended only for exceptional cases, and it is better to leave them alone as long as possible in order to comply with the rules laid down when the package was created. Do not forget that these rules are a guarantee of the integrity and stability of the system.

ATTENTION! Effective use--force-*

If you're not careful, using the --force-* option can cause APT commands to stop working. Some of these options allow you to install a package with unmet dependencies or if there is a conflict. As a result, the consistency of the system in terms of dependencies is broken, and APT commands will refuse to do anything other than that which will return the system to a consistent state (this usually amounts to installing the missing dependency or removing the problematic package). Here is an example of a message indicating such an error, which was received after installing a new version of rdesktop and ignoring the dependency on a newer version of libc6:

apt full-upgrade

You may want to use "apt-get -f install" to fix these errors.
Packages with unmet dependencies:
rdesktop: Depends on: libc6 (>= 2.5) but 2.3.6.ds1-13etch7 is already installed
E: Unmet dependencies.

Try using -f.
Intrepid administrators who are confident in their analysis of the situation can ignore the warning about a dependency problem or conflict by using the appropriate --force-* option. In this case, if you want to continue using apt or aptitude, you need to edit /var/lib/dpkg/status and remove/change the dependency or conflict.
Editing this file is a dirty hack and should not be used except in extreme cases. Often the best solution is to rebuild the offending package ("Rebuild the package from its source") or use a new version of it (probably fixed) from a repository such as stable-backports (see Section 6.1.2.4, "Stable Software with Backports Compatibility" ).

Removing a package

Running dpkg with the -r or --remove option followed by the package name will remove that package. This removal, however, is not complete: all configuration files, maintainer scripts, log files (system logs) and other user data used by this package will remain. In this way, it is easy to get rid of the program by uninstalling it, but at the same time it remains possible to install it again with the same configuration. To completely remove everything associated with a package, use the -P or --purge option followed by the package name.

Complete removal of the debian-cd package

Dpkg -r debian-cd

(Reading the database...there are currently 97747 files and directories installed.)

Dpkg -P debian-cd

(Reading the database...there are currently 97401 files and directories installed.)
The debian-cd package (3.1.17) is being removed...
The configuration files of the debian-cd package (3.1.17) are cleared...

dpkg database queries and parsing .deb files

For most options, there are "long" options (one or more words preceded by a double hyphen) and "short" options (a single letter, often the first letter of the "long" option, followed by a single hyphen). This convention is so common that it is already a POSIX standard.
Before finishing this section, let's look at dpkg's options for querying the internal database to get various information. In this case, the long options will be specified first, and then the corresponding short options (which, of course, take the same arguments). Thus, --listfiles package (or -L) lists the files installed by the package; --search file (or -S) searches for the package this file belongs to; --status package (or -s) displays information about a particular installed package; --list (or -l) shows a list of packages known to the system and their status; --contents file.deb (or -c) shows a list of files in this package; --info file.deb (or -I) shows Debian package information.

Retrieving information using dpkg

Dpkg -L base-passwd

/.
/usr
/usr/sbin
/usr/sbin/update-passwd
/usr/share
/usr/share/man
/usr/share/man/ru
/usr/share/man/ru/man8
/usr/share/man/ru/man8/update-passwd.8.gz
/usr/share/man/pl
/usr/share/man/pl/man8
/usr/share/man/pl/man8/update-passwd.8.gz
/usr/share/man/man8
/usr/share/man/man8/update-passwd.8.gz
/usr/share/man/fr
/usr/share/man/fr/man8
/usr/share/man/fr/man8/update-passwd.8.gz
/usr/share/doc-base
/usr/share/doc-base/users-and-groups
/usr/share/base-passwd
/usr/share/base-passwd/passwd.master
/usr/share/base-passwd/group.master
/usr/share/lintian
/usr/share/lintian/overrides
/usr/share/lintian/overrides/base-passwd
/usr/share/doc
/usr/share/doc/base-passwd
/usr/share/doc/base-passwd/copyright
/usr/share/doc/base-passwd/users-and-groups.html
/usr/share/doc/base-passwd/changelog.gz
/usr/share/doc/base-passwd/users-and-groups.txt.gz
/usr/share/doc/base-passwd/README

Dpkg -S /bin/date

coreutils: /bin/date

Dpkg -s coreutils

Package: coreutils
Essential: yes
Status: install ok installed
Priority: required
Section: utilities
Installed-Size: 13822
Maintainer: Michael Stone
Architecture: amd64
Multi-Arch: foreign
Version: 8.13-3.5
Replacements: mktemp, timeout
Depends: dpkg (>= 1.15.4) | install-info
Pre-Depends: libacl1 (>= 2.2.51-8), libattr1 (>= 1:2.4.46-8), libc6 (>= 2.7), libselinux1 (>= 1.32)
Conflicts: timeout
Description: GNU core utilities
This package contains the basic file, shell and text manipulation
utilities which are expected to exist on every operating system.
.
Specifically, this package includes:
arch base64 basename cat chcon chgrp chmod chown chroot cksum comm cp
csplit cut date dd df dir dircolors dirname du echo env expand expr
factor false flock fmt fold groups head hostid id install join link ln
logname ls md5sum mkdir mkfifo mknod mktemp mv nice nl nohup nproc od
paste pathchk pinky pr printenv printf ptx pwd readlink rm rmdir runcon
sha*sum seq shred sleep sort split stat stty sum sync tac tail tee test
timeout touch tr true truncate tsort tty uname unexpand uniq unlink
users vdir wc who whoami yes
Homepage: http://gnu.org/software/coreutils

Dpkg -l "b*"

Desired=unknown[u]/install[i]/delete[r]/clear[p]/commit[h]
| Status=not[n]/installed[i]/configured[c]/unpacked[U]/partially configured[F]/
partially installed[H]/trig-aWait/Trig-pend
|/ Error?=(none)/reinstallation required[R] (upper case
in the status and error fields indicates an abnormal situation)
||/ Name Version Architecture Description
+++-============-==============-==============-================================
un backupninja<нет>(description not available)
un base<нет>(description not available)
un base-config<нет>(description not available)
ii base-files 7.1 amd64 Debian base system miscellaneous
ii base-passwd 3.5.26 amd64 Debian base system master passwo
[...]

Dpkg -c /var/cache/apt/archives/gnupg_1.4.12-7_amd64.deb

drwxr-xr-x root/root 0 2013-01-02 19:28 ./
drwxr-xr-x root/root 0 2013-01-02 19:28 ./usr/
drwxr-xr-x root/root 0 2013-01-02 19:28 ./usr/share/
drwxr-xr-x root/root 0 2013-01-02 19:28 ./usr/share/doc/
drwxr-xr-x root/root 0 2013-01-02 19:28 ./usr/share/doc/gnupg/
-rw-r--r-- root/root 3258 2012-01-20 10:51 ./usr/share/doc/gnupg/TODO
-rw-r--r-- root/root 308 2011-12-02 18:34 ./usr/share/doc/gnupg/FAQ
-rw-r--r-- root/root 3543 2012-02-20 18:41 ./usr/share/doc/gnupg/Upgrading_From_PGP.txt
-rw-r--r-- root/root 690 2012-02-20 18:41 ./usr/share/doc/gnupg/README.Debian
-rw-r--r-- root/root 1418 2012-02-20 18:41 ./usr/share/doc/gnupg/TODO.Debian
[...]

Dpkg -I /var/cache/apt/archives/gnupg_1.4.12-7_amd64.deb

new debian package, version 2.0.
size 1952176 byte(s): control archive length 3312 byte(s).
1449 byte(s), 30 control lines
4521 byte(s), 65 lines md5sums
479 byte(s), 13 lines * postinst #!/bin/sh
473 byte(s), 13 lines * preinst #!/bin/sh
Package: gnupg
Version: 1.4.12-7
Architecture: amd64
Maintainer: Debian GnuPG-Maintainers
Installed-Size: 4627
Depends: libbz2-1.0, libc6 (>= 2.4), libreadline6 (>= 6.0), libusb-0.1-4 (>= 2:0.1.12), zlib1g (>= 1:1.1.4), dpkg (>= 1.15.4) | install-info, gpgv
Recommends: libldap-2.4-2 (>= 2.4.7), gnupg-curl
Suggests: gnupg-doc, xloadimage | imagemagick | eog, libpcsclite1
Section: utilities
Priority: important
Multi-Arch: foreign
Homepage: http://www.gnupg.org
Description: GNU privacy guard - a free PGP replacement
GnuPG is GNU"s tool for secure communication and data storage.
It can be used to encrypt data and to create digital signatures.
It includes an advanced key management facility and is compliant
with the proposed OpenPGP Internet standard as described in RFC 4880.
[...]

LETTING DEPTH: Version Comparison

Since dpkg is a Debian package management program, it also contains a reference implementation of the version number comparison logic. That's why it has the --compare-versions option used external programs(mainly by setup scripts run by dpkg itself). This option requires three parameters: a version number, a comparison operator, and a second version number. Valid comparison operators are lt (strictly less than), le (less than or equal to), eq (equal to), ne (not equal to), ge (greater than or equal to), and gt (strictly greater than). If the comparison is correct, dpkg returns 0 (success); if not, then a non-zero value (an error).

$ dpkg --compare-versions 1.2-3 gt 1.1-4
$echo$?
0
$ dpkg --compare-versions 1.2-3 lt 1.1-4
$echo$?
1
$ dpkg --compare-versions 2.6.0pre3-1 lt 2.6.0-1
$echo$?
1

Note the unexpected failure of the last comparison: for dpkg, the letters pre, which typically denote pre-release, have no special meaning, and alphabetic characters are compared in the same way as numbers (a< b < c ...), в алфавитном порядке. Именно поэтому dpkg считает, что «0pre3» больше, чем «0». При необходимости указать в номере версии, что она относится к предварительному выпуску, используется символ тильды «~»:

$ dpkg --compare-versions 2.6.0~pre3-1 lt 2.6.0-1
$echo$?
0

dpkg log file

dpkg keeps a log of all its actions in /var/log/dpkg.log. This log is extremely detailed, documenting every step of the way dpkg packages are processed. This log helps not only to track the behavior of dpkg, but also to maintain a history of changes in the system: the exact moment when each package was installed or updated can be found, and this information can be extremely useful in determining the reasons for the change in the behavior of the system as a whole. In addition, information about all versions is recorded and can be easily checked against the changelog.Debian.gz from the corresponding package or against online bug reports.

Multi-architecture support

All Debian packages have an Architecture field in their metadata. This field can contain either the value "all" (for packages that are architecture independent) or the name of the specific architecture for which the package is intended (for example, "amd64", "armhf", ...). In the latter case, dpkg will by default only allow a package to be installed if its architecture matches the system architecture returned by dpkg --print-architecture.
This restriction ensures that there are no binaries compiled for the wrong architecture on the system. That would be fine, but (some) computers can run binaries for different architectures, either natively (for example, "amd64" systems run binaries for "i386") or through emulators.

Enabling multi-architecture

dpkg's multi-architecture support allows you to define "foreign architectures" that can be installed on a given system. This is easy to do with dpkg --add-architecture, as shown in the example below. There is also a corresponding dpkg --remove-architecture command to disable support for a foreign architecture, but it can only be used if there are no packages of that architecture left on the system.

dpkg --print-architecture
amd64

dpkg: error processing archive gcc-4.9-base_4.9.1-19_armhf.deb (--install):
package architecture (armhf) does not match system (amd64)
Errors were encountered while processing:
gcc-4.9-base_4.9.1-19_armhf.deb

dpkg --add-architecture armhf
dpkg --add-architecture armel
dpkg --print-foreign-architectures
armhf
armel

Dpkg -i gcc-4.9-base_4.9.1-19_armhf.deb

Selecting previously unselected package gcc-4.9-base:armhf.
(Reading database ... 86425 files and directories currently installed.)
Preparing to unpack gcc-4.9-base_4.9.1-19_armhf.deb ...
Unpacking gcc-4.9-base:armhf (4.9.1-19) ...
Setting up gcc-4.9-base:armhf (4.9.1-19) ...

Dpkg --remove-architecture armhf

dpkg: error: cannot remove architecture "armhf" currently in use by the database

Dpkg --remove-architecture armel
dpkg --print-foreign-architectures
Multi-architecture support in APT

APT will automatically detect if dpkg is configured to support foreign architectures and will begin downloading the appropriate Packages files during the upgrade process.
Foreign packages can be installed using the apt install package:architecture command.

Using proprietary i386 binaries on amd64 systems

There are several cases where multi-architecture can be useful, but the most common one is to enable 32-bit files (i386) to run on 64-bit systems (amd64), particularly because some popular proprietary applications (like Skype) are only available as 32-bit versions.

Changes related to multi-architecture

To make multi-arch support truly useful, the libraries needed to be repackaged, moving them to an architecture-specific directory so that multiple copies (for different architectures) could be installed at the same time. Such updated packages contain a "Multi-Arch: same" header, indicating to the package management system that different package architectures can be installed together (and that these packages can only satisfy dependencies of packages of the same architecture). Since multi-arch support was only added to Debian Wheezy, not all libraries have been converted yet.

Dpkg -s gcc-4.9-base

dpkg-query: error: --status requires a valid package name, but "gcc-4.9-base" is not: ambiguous package name "gcc-4.9-base" with more than one instance installed

Use the --help option to display help for package queries.

Dpkg -s gcc-4.9-base:amd64 gcc-4.9-base:armhf | grep ^Multi

Multi-Arch: same
Multi-Arch: same

Dpkg -L libgcc1:amd64 |grep .so

/lib/x86_64-linux-gnu/libgcc_s.so.1

Dpkg -S /usr/share/doc/gcc-4.9-base/copyright

gcc-4.9-base:amd64, gcc-4.9-base:armhf: /usr/share/doc/gcc-4.9-base/copyright

It is worth noting that packages with the Multi-Arch: same field should be named with the name of the architecture so that they can be uniquely identified. They may also share files with other instances of the same package; dpkg in this case ensures that all packages have bit-for-bit identical shared files. All instances of the package must be the same version, so they must be updated together.
Multi-architecture support also brings some interesting features into the dependency processing mechanism. Resolving the dependency requires either a package marked "Multi-Arch: foreign" or a package with the same architecture (when resolving the dependency, architecture-independent packages are considered to be of the same architecture as the system). A dependency can also be relaxed to allow a package of any architecture to satisfy it using the package:any syntax, but foreign packages can only satisfy such a dependency if they are marked "Multi-Arch: allowed".

Used materials.