Chapter 5. Package Management


This chapter describes the two major Linux packaging systems: the Red Hat Package Manager (RPM) and the Debian GNU/Linux Package Manager. It also describes the major frontend applications designed to simplify and automate package management: yum and up2date for RPM-based systems, aptitude and synaptic for Debian-based systems, and apt, which is a Debian package-management tool that is now also available for RPM-based systems.

When you install applications on your Linux system, most often you'll find a binary or a source package containing the application you want, instead of (or in addition to) a .tar.gz file. A package is a file containing the files necessary to install an application. However, while the package contains the files you need for installation, the application might require the presence of other files or packages that are not included, such as particular libraries (and even specific versions of the libraries), to actually be able to run. Such requirements are known as dependencies.

Package-management systems offer many benefits. As a user, you may want to query the package database to find out what packages are installed on the system and their versions. As a system administrator, you need tools to install and manage the packages on your system. And if you are a developer, you need to know how to build a package for distribution.

Among other things, package managers do the following:

  • Provide tools for installing, updating, removing, and managing the software on your system.

  • Allow you to install new or upgraded software directly across a network.

  • Tell you what software package a particular file belongs to or what files a package contains.

  • Maintain a database of packages on the system and their status, so you can determine what packages or versions are installed on your system.

  • Provide dependency checking, so you don't mess up your system with incompatible software.

  • Provide GPG, PGP, MD5, or other signature-verification tools.

  • Provide tools for building packages.

Any user can list or query packages. However, installing, upgrading, or removing packages generally requires root privileges. This is because the packages normally are installed in system-wide directories that are writable only by root. Sometimes you can specify an alternate directory to install a package into your home directory or into a project directory where you have write permission, if you aren't running as root.

Signature verification is an important feature of package-management systems that helps maintain the security of your system. An MD5 checksum is used to check the integrity of a package, making sure, for example, that it was downloaded correctly and that it was not tampered with by a malicious user. GPG (and PGP) encrypt a digital signature into the package, which is used to verify the identity of the package creator.

Most often you'll install a binary package, in which the source code has been compiled and the software is ready to run once it is installed. You may also want or need to install source packages, which provide the source code and instructions for compiling and installing it. Source code packages do not contain executable files. Packages follow certain naming conventions, and you can tell from the name whether it is a binary or source package. RPM and Debian package names contain the same information, but they are expressed slightly differently. An RPM package has the form:

          package-version-release.architecture.rpm

A Debian package has the form:

          package_version-revision_architecture.deb

In both cases, package is the name of the package, version is the version number of the software, release (RPM) and revision (Debian) indicate the revision number of the package for that version, and architecture shows what system architecture the software was packaged for (e.g., i386 or m68k). The value of architecture may also be noarch for a package that is not hardware-specific or src for an RPM source package (Debian source packages come as tarred, gzipped files).

All the package managers check for dependencies when you install a package. In the case of RPM, if there are missing dependencies, it prints an error and terminates without installing the package. To proceed, you need to first install the missing package (or packages). This can become an involved process if the missing package has its own dependencies. A major advantage of the high-level package managers described in this chapter (i.e., apt, yum, up2date, synaptic, and aptitude) is that they automatically resolve dependencies and install missing packages for you. Another advantage is that they locate and download the package automatically, based on information in configuration files specifying where to look for packages. With RPM, you first have to locate the package, then download it, and only then can you run RPM to do the install. On the other hand, if you already have the package file on your system or on a CD, RPM is quick and easy to run.

Both RPM and the apt system back up old files before installing an updated package. Not only does this let you go back if there is a problem, but it also ensures that you don't lose your changes (to configuration files, for example).

The following list shows the package-management programs described in the rest of this chapter. Which program to use is very much a matter of personal preference, and you can use more than one at different times. However, it's best to pick the program you prefer and use it consistently, so all your packages are maintained in a single database that you can query.


The Advanced Package Tool (APT)

APT is a modern, user-friendly package-management tool that consists of a number of commands. The most frequently used of these commands is apt-get, which is used to download and install a Debian package. apt-get can be run from the command line or selected as a method from dselect. One of the features of apt-get is that you can use it to get and install packages across the Internet by specifying an FTP or HTTP URL. You can also use it to upgrade all packages currently installed on your system in a single operation.

Note that there are versions of the apt commands that can be used on an RPM-based system. If you plan to do that, it's best to install the version of apt that comes with your Linux distribution.


aptitude

High-level text-based interface to APT. Runs either from the command line or in a visual mode inside a terminal window such as an xterm.


dpkg

The original Debian packaging tool. Used to install or uninstall packages, or as a frontend to dpkg-deb. Getting and installing packages is usually done with apt-get, but dpkg is still commonly used to install a package that is already on your system. In fact, apt-get calls dpkg to do the installation once it's gotten the package.


dpkg-deb

Lower-level packaging tool. Used to create and manage the Debian package archives. Accepts and executes commands from dpkg or can be called directly.


dselect

An interactive frontend to dpkg. With the advent of the newer tools and the increased number of packages, the use of dselect is deprecated.


RPM

The original command-line system for installing and managing RPM packages. RPM has two commands: rpm for installing and managing packages, and rpmbuild for creating packages.


synaptic

A graphical frontend to APT.


up2date

A graphical frontend to RPM.


yum

A frontend to RPM that runs from the command line.

If you want to update your system daily, to keep it current and to be sure you have the latest security fixes, you can set up a command that you can reissue every day, or you can set it up as a cron job to run overnight. (See the descriptions of the cron and crontab commands in Chapter 3 for more information on setting up a cron job.)

For example, with apt-get, you can set up the command:

          apt-get update && apt-get -u dist-upgrade>

This command runs apt-get twice: first to update the local package lists, and then to actually do the upgrade. The dist-upgrade command handles all dependencies when it does the upgrade, and the -u option prints a list of the packages being upgraded.

yum, on the other hand, comes with acron job that can be run daily. This job first updates yum itself, then updates all the remaining packages:

     #!/bin/sh     if [ -f /var/lock/subsys/yum ]; then             /usr/bin/yum -R 10 -e 0 -d 0 -y update yum             /usr/bin/yum -R 120 -e 0 -d 0 -y update     fi

The -R option sets a maximum time, in minutes, for yum to wait before running the command, -e sets the error level to 0 to print only critical errors, -d specifies a debug level of 0 to print no debugging messages, and -y assumes "yes" as the answer to any questions.



Linux in a Nutshell
Linux in a Nutshell
ISBN: 0596154488
EAN: 2147483647
Year: 2004
Pages: 147

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net