Understanding Package Repositories

Packages (precompiled executables) come from a variety of locations. Ubuntu maintains four main repository types (called components) where most software can be retrieved.

• main-This component contains all officially supported open source projects without restrictive licensing. Gnome, GDM, and the Linux kernel are all found in main.

• restricted-These packages are officially supported, but have restrictive licenses. This component primarily contains third-party video and network drivers.

• universe-These packages are not officially supported by Ubuntu, but are provided and maintained by the Ubuntu community. As with main, the universe component only contains open source projects without restrictive licensing. Games, compilers, and a wide variety of tools are found here.

• multiverse-This is the catchall component that contains community-supported packages with restrictive licensing. Example packages include Adobe's Acrobat PDF reader, some fonts, and MP3-related tools.

Packages from the main and restricted components are included on the Ubuntu installation CD-ROMs (see the /pool directory). Although Ubuntu officially supports these two components, the community provides the other two: universe and multiverse. This means that their contents may not be as thoroughly tested or updated as the official repositories.

By dividing software based on licensing and support, software developers and corporations can make intelligent decisions based on their own needs. For example, a company that develops custom software may want to stay away from the restricted and multiverse repositories in order to reduce the risk of licensing contamination. A small office looking for reliable support may stick to fully supported packages from the main and restricted repositories.

Differentiating Distributions

Along with the four components (main, restricted, universe, and multiverse) are a variety of Ubuntu repositories. For Ubuntu, each repository contains the name of the Ubuntu version. For Dapper Drake, all distributions contain "dapper".

• dapper-This indicates the primary distribution for the operating system.

• dapper-updates-This repository holds updates to the main dapper distribution. Updates are kept separate from the main distribution so an installation baseline is maintained.

• dapper-security-This is a special repository specifically used for security updates.

• dapper-backports-This repository contains software that has been backported-compiled from a newer version of Ubuntu to work with Dapper. For example, Edgy Eft will use a newer version of Gnome than Dapper. Edgy's Gnome version may be backported to work with Dapper. Because these versions are not thoroughly tested under Dapper, the backport distributions are disabled by default.

Most large Linux distributions provide some form of precompiled code. RedHat and SUSE Linux, for example, use the RedHat Package Manager (RPM). Although the rpm package exists for Ubuntu, it is not commonly used. Each RPM contains licensing information. A single RPM repository may contain packages with both restricted and unrestricted licenses.

Debian Linux uses the Debian Package Manager (dpkg) to install deb packages. Since Ubuntu is based on Debian, it too uses dpkg and debs. Other package management tools, such as APT and Synaptic, are actually wrappers around dpkg. As with Ubuntu, Debian divides packages based on licensing, but Debian uses slightly different divisions.

• Debian main-This is similar to the Ubuntu main component. All code is supported, open source, and provided with unrestrictive licensing.

• Contrib-This component contains open source with unrestrictive licensing, but may be dependent on code that has restrictive licensing.

• Non-Free-As with the Ubuntu restricted component, these packages contain licenses that restrict use or distribution.

• Non-US/Main-These packages do not have restrictive licensing, but may not be exported outside of the United States. This usually means the packages contain cryptography.

• Non-US/Non-Free-This component is the counterpart to Non-US/Main. Most of these packages use proprietary cryptography or are restricted by patents.

Although you can install Debian deb packages under Ubuntu, most of these packages have been ported to the Ubuntu repositories.

Compatibility leads to the biggest problems when using binaries from other platforms. Depending on the software and how it was compiled, some packages may not work under your version of Ubuntu. Different kernel and shared library versions can break executables. If you can, consider sticking with Ubuntu binaries. If you can't find Ubuntu binaries, then be careful. Don't try binary kernel modules without knowing how to remove them first; incompatible modules can crash your system. For regular user applications, incompatible binaries may not run or may complain about missing libraries. Sometimes you can fix dependencies by installing older libraries, but you are probably better off looking for source code. If the binaries are proprietary, then you are out of luck unless you can use them in a virtual machine (see Chapter 6).

Each distribution contains main, restricted, universe, and multiverse repositories. Different servers may host some or all of the different distributions and repositories.