3. Package management#
3.1. Outline#
Debian and Ubuntu packages.
Advanced Package Tool (APT) for package installation, removal, search, and query.
Debian package tool (dpkg) for package installation, removal, and query.
Redhat packages.
Yellowdog Updater Modified (YUM and DNF) for package installation, removal, search, and query.
Redhat Package Manager (RPM) for package installation, removal, and query
3.2. The purpose of Linux packages#
All files in Linux distros come in packages. Packages are used for the following tasks:
Install software
Remove software
Update installed software
Fix broken or partly removed software files
Reconfigure installed software
3.3. Linux package management#
3.4. Ubuntu (Debian) packages#
Ubuntu OS components and most of the GNU software are available in form of packages. A package file contains:
Software
Info (control) file
Scripts (pre/post install/remove)
md5sum file hashes
Naming convention:
(package-name)_(source version)-(package-version)_(architecture).deb
For example:
make_4.3-4.1build1_amd64.deb
Package name is make. The source version is 4.3 of GNU Make 4.3 series, package version (revision): 4.1 from Debian, rebuilt for Ubuntu (build1), architecture: amd64.
The official Ubuntu distribution located in the Ubuntu archive, folder main and Restricted. In folder Restricted, there are packages with restricted vendor licensing, for example, nvidia-compute-utils-495.
Universe Is free software available from the network, but not officialy maintained by Ubuntu development team. For example, a2ps (“Anything to PS”), xemacs21. No guarantee of security fixes and support.
Multiverse Packages in the archive have some onerous license condition restricting use or redistribution of the software. For example, dvd-slideshow.
Developers may offer their own package repositories, called package personal archives (PPA).
You can run command apt-cache show on the package to see what package belongs to what folder:
apt-cache show make | grep Filename
Filename: pool/main/m/make-dfsg/make_4.3-4.1build1_amd64.deb
apt-cache show nvidia-compute-utils-495 | grep Filename
Filename: pool/restricted/n/nvidia-graphics-drivers-510/nvidia-compute-utils-495_510.108.03-0ubuntu0.22.04.1_amd64.deb
apt-cache show a2ps | grep Filename
Filename: pool/universe/a/a2ps/a2ps_4.14-7_amd64.deb
apt-cache show dvd-slideshow | grep Filename
Filename: pool/multiverse/d/dvd-slideshow/dvd-slideshow_0.8.6.1-1.1_all.deb
Debian system APT folders
main
contrib
non-free
non-free-firmware
3.5. Installing Ubuntu packages with APT (Exercises)#
Clone kvm1 into kvm3:
virsh shutdown kvm1
virt-clone -o kvm1 -n kvm3 -f /home/hostadm/KVM/kvm3.qcow2
Start kvm3 VM and login to its console via virsh:
virsh start kvm3
virsh console kvm3
Fix the hostname by editing file /etc/hostname with nano editor:
sudo -s
nano /etc/hostname
change kvm1 for kvm3.
Run script
vm_id_reset.sh
Reboot the VM:
reboot
Login to kvm3.
Try executing command make, which doesn’t exist on the VM yet:
make
The system error comes: The program ‘make’ is currently not installed.
You can install it by typing: sudo apt install make
Install recommended package make by running apt install:
apt install make
You should be able to run command make now.
Simulate package installation by using option -s:
apt install -s netpbm
Notice the prerequisite library package that would get installed, libnetpbm10 Download the package without installation:
apt install -d netpbm
Notice the deb files with the packages in the apt cache directory:
ls -l /var/cache/apt/archives
Another way to download a package and get it in the current working directory:
apt download netpbm
Install the package:
apt install netpbm
Updating all the installed packages
apt update
apt upgrade
The APT repository and software folders are defined in file
/etc/apt/sources.list and optionally in directory /etc/apt/sources.list.d
3.6. Removing Ubuntu packages with APT (Exercises)#
Remove package make by running apt remove:
apt remove make
Simulate package removal by using option -s:
apt remove -s netpbm
Notice package libnetpbm10 won’t be removed Simulate package removal with the dependencies:
apt autoremove -s netpbm
Notice the both packages would be removed. Remove the package with the dependencies:
apt autoremove netpbm
Both netpbm and libnetpbm10 should be gone now.
3.7. Search and quiry Ubuntu packages with APT (Exercises)#
First, update the available package list from the Ubuntu repository:
apt update
Search for packages containing string make in their name or description:
apt-cache search make
Narrow down the search results for the names containing make:
apt-cache search --names-only make
Filter the output for word make
apt-cache search --names-only make | grep -w ^make
Get the information about package make:
apt-cache show make
List the packages that depend on package make. Forcefully removing make would break these packages.
apt-cache showpkg make
Show the packages a given package depends on:
apt-cache depends make
3.8. APT logs#
The history of all apt commands is stored in file /var/log/apt/history.log
To browse through the apt history:
less /var/log/apt/history.log
To see the last 20 lines of the history:
tail -20 /var/log/apt/history.log
3.9. Quiry Ubuntu packages with dpkg (Exercises)#
What packages are installed on the system?
dpkg -l
Quiry package status with dpkg:
dpkg -s make
dpkg -s tzdata
List the files contained in the package:
dpkg -L tzdata
What package contains a file? For example, command /bin/ls
dpkg -S /bin/ls
Reconfigure a package with command dpkg-reconfigure after installation:
dpkg-reconfigure tzdata
To see the current package configuration, command debconf-show can be used, for example:
debconf-show tzdata
If there is no package dependencies, then a package can be installed with command dpkg. Otherwise, use APT. Install package make:
cp /var/cache/apt/archives/make_4.3-4.1build1_amd64.deb /tmp
cd /tmp
dpkg -i make_4.3-4.1build1_amd64.deb
To see the list of the files, contained in the deb package file:
dpkg --contents make_4.3-4.1build1_amd64.deb
Verify the consistency of installed files from a package:
dpkg -V make
There is nothing in the output.
Let’s modify a content of one of the files that comes with the package, /usr/include/gnumake.h:
echo '/* last line */' >> /usr/include/gnumake.h
Remove file /usr/share/man/man1/make.1.gz:
rm /usr/share/man/man1/make.1.gz
Run the package consistency check and see the tampered and removed files in the list:
dpkg -V make
Remove package make by using command dpkg:
dpkg --purge make
Extract the package content into new directory PKGdir:
dpkg -X make_4.3-4.1build1_amd64.deb PKGdir
Browse the directory tree with command tree:
tree PKFdir
3.10. APT security (Exercise)#
Packages spooled into /var/cache/apt/archives/ before installation.
File Packages (catalog) contains the MD5, SHA1, SHA256, SHA512 hashes, which are presented via
apt-cache showcommand.apt installverifies the hash of the installable package file with the published one.The cached Packages file content is stored in /var/lib/apt.
The Packages file is signed with the maintainers GPG key.
The maintainers public GPG keys are stored in directory /etc/apt/trusted.gpg.d
Remove the gpg public keys:
rm /etc/apt/trusted.gpg.d/*
Run command below and see the error messages about unverifiable signature:
apt update
Restore the public keys:
apt install ubuntu-keyring --reinstall
Check the installed trusted keys:
apt-key list
Run apt update again.
3.11. Adding APT repository#
New apt lists should be either added to file /etc/apt/sources.list or added as new files in directory /etc/apt/sources.list.d
For example, lets add the repository for BeeGFS file system.
Download file beegfs-jammy.list from the vendor’s web site into directory /etc/apt/sources.list.d:
cd /etc/apt/sources.list.d
wget https://www.beegfs.io/release/beegfs_7.4.3/dists/beegfs-jammy.list
Download the vendor public key, dearmor, and store it in directory /etc/apt/keyrings:
cd /tmp
wget https://www.beegfs.io/release/beegfs_7.4.3/gpg/GPG-KEY-beegfs
cat GPG-KEY-beegfs | sudo gpg --dearmor -o /etc/apt/keyrings/GPG-KEY-beegfs.gpg
Reference the key in file /etc/apt/sources.list.d/beegfs-jammy.list:
content of beegfs-jammy.list file
deb [signed-by=/etc/apt/keyrings/GPG-KEY-beegfs.gpg] https://www.beegfs.io/release/beegfs_7.4.3 jammy non-free
Update apt caches:
apt update
3.12. RedHat packages#
RPM Package naming convention:
(package-name)-(source version)-(package release).(architecture).rpm
For example,
nano-5.6.1-5.el9.x86_64.rpm
Package name is nano. The source version is 5.6.1. The package release is 5.el9 (Release 5 for RedHat Enterprise Linux 9). Architecture is x86_64.
3.13. Installing and removing RedHat packages with DNF (Exercises)#
DNF or Dandified YUM is the next-generation version of the Yellowdog Updater, Modified (yum), a package manager for .rpm-based Linux distributions such as RedHat, Fedora, and Rocky.
Clone your rocky9 VM into rocky91,
virt-clone -o rocky9 -n rocky91 -f /home/hostadm/KVM/rocky91.qcow2
Start rocky91 and login to its console via command virsh console:
virsh start rocky91
virsh console rocky91
Fix the hostname in file /etc/hostname for the correct one, rocky91
Run the following commands to reset the machine-id or rocky91 and release its DHCP IP address:
sudo dnf install dbus-tools
sudo rm -f /etc/machine-id
sudo dbus-uuidgen --ensure=/etc/machine-id
sudo dbus-uuidgen --ensure
sudo dhclient -r eth0
Reboot the VM:
sudo reboot
Clean the dnf cache:
dnf clean all
Install package netpbm on it:
dnf install netpbm
Reinstall package netpbm:
dnf reinstall netpbm
You can download packages without installation, for example:
dnf download make
ls -l make*
Check available updates for installed packages:
dnf check-update
Update package tzdata
dnf update tzdata
Updating all the installed packages:
dnf update
To remove an installed package:
dnf remove netpbm
The same can be accomplished with:
dnf erase netpbm
3.14. Search and quiry RPM packages with DNF (Exercises)#
List the installed package and the package available for installation
dnf list gsl
dnf list coreutils
The output shows three columns - the package name and architecture, the package version, and the repository. The latter package showes up as installed (@ in front of the repo), and the former as available for installation.
To see just installed packages:
dnf list --installed
dnf repoquery --installed
To see packages available for installation:
dnf list --available
dnf repoquery
Search for packages containing string make in their name or description:
dnf search make
Get the information about package make:
dnf info make
List the packages that package make depends upon:
dnf deplist make
Identify the package that contains a specific file, for example /bin/ls:
dnf provides /usr/bin/ls
3.15. DNF repositories (Exercises)#
Like in Ubuntu, the Redhat packages are sorted in repositories.
The dnf repositores are defined in directory /etc/yum.repos.d/*.repo
To see the available package repositories:
dnf repolist
BaseOSAppStreamExtras
See disabled repositories:
dnf repolist --disabled
Packages can be installed only from enabled repositories.
To enable, for example repository baseos-source:
dnf config-manager --enable baseos-source
Check the list of available repos:
dnf repolist
To see the packages in repo baseos-source:
dnf list --repo baseos-source
Add an external vendor repo, for example, BeeGFS with the .repo file in URL:
dnf config-manager --add-repo https://www.beegfs.io/release/beegfs_7.4.3/dists/beegfs-rhel9.repo
Import the vendor key:
rpm --import https://www.beegfs.io/release/beegfs_7.4.3/gpg/GPG-KEY-beegfs
Check the list of available repos:
dnf repolist
See repo file beegfs-rhel9.repo in directory /etc/yum.repos.d:
ls /etc/yum.repos.d
Install a package from the new repo:
dnf install beegfs-helperd
Remove the repo:
rm /etc/yum.repos.d/beegfs-rhel9.repo
Check the list of available repos:
dnf repolist
3.16. Advanced DNF functionalities#
History of DNF transactions:
dnf history
It is possible to revert dnf installation or upgrade in case the old pkgs are still available in thge repos. For example to revert transaction 10:
dnf history undo 10
Roll back to transaction 9:
dnf history rollback 9
DNF also provides bundles of packages by
package groupspackage modules
dnf group list
dnf module list
The detailed info on dnf can be found in the RedHat docs:
Managing software with the DNF tool
3.17. Query RPM packages with rpm (Exercises)#
What packages are installed on the system?
rpm -qa
A friendly readable list comes after sorting the output:
rpm -qa | sort | less
If there is no package dependencies or the dependencies have already been resolved, then a package can be simply installed with command rpm from its file. Otherwise, use DNF. Install package make from its rpm file:
make-4.3-8.el9.x86_64.rpm
Quiry package status with rpm:
rpm -q make
Display information about the installed package:
rpm -qi make
List the files contained in the package:
rpm -ql make
Which package owns a file? For example, command /bin/ls
rpm -qf /bin/ls
RPM dependencies:
rpm -qR make
Verify the consistency of installed files from a package:
rpm -V make
There is nothing in the output.
Let’s modify a content of one of the files that comes with the package, /usr/include/gnumake.h:
echo '/* last line */' >> /usr/include/gnumake.h
Remove file /usr/share/man/man1/make.1.gz:
rm /usr/share/man/man1/make.1.gz
Run the package consistency check and see the tampered and removed files in the list:
rpm -V make
Try to remove package make by using command rpm:
rpm -e make
Quiry the package file:
rpm -qp make-4.3-8.el9.x86_64.rpm
rpm -qlp make-4.3-8.el9.x86_64.rpm
rpm -qip make-4.3-8.el9.x86_64.rpm
The second command above shows the files contained in the package file, and the third command displays the info about the package. More info about command rpm can be found in the man pages:
man rpm
3.18. References on APT and YUM#
Package Management table for rpm and deb packages