3. Package management

3.1. Outline

  • Debian and Ubuntu packages.

  • Advanced Package Tool (APT) for package installation, removal, search, and query.

  • Debian package tool (dpkg) for package installation, removal, and query.

  • Redhat packages.

  • Yellowdog Updater Modified (YUM and DNF) for package installation, removal, search, and query.

  • Redhat Package Manager (RPM) for package installation, removal, and query


3.2. The purpose of Linux packages

All files in Linux distros come in packages. Packages are used for the following tasks:

  • Install software

  • Remove software

  • Update installed software

  • Fix broken or partly removed software files

  • Reconfigure installed software


3.3. Linux package management

Linux package managemen


3.4. Ubuntu (Debian) packages

Ubuntu OS components and most of the GNU software are available in form of packages. A package file contains:

  • Software

  • Info (control) file

  • Scripts (pre/post install/remove)

  • md5sum file hashes

  • Naming convention:

(package-name)_(source version)-(package-version)_(architecture).deb

For example:

make_4.3-4.1build1_amd64.deb

Package name is make. The source version is 4.3 of GNU Make 4.3 series, package version (revision): 4.1 from Debian, rebuilt for Ubuntu (build1), architecture: amd64.

The official Ubuntu distribution located in the Ubuntu archive, folder main and Restricted. In folder Restricted, there are packages with restricted vendor licensing, for example, nvidia-compute-utils-495.

Universe Is free software available from the network, but not officialy maintained by Ubuntu development team. For example, a2ps (“Anything to PS”), xemacs21. No guarantee of security fixes and support.

Multiverse Packages in the archive have some onerous license condition restricting use or redistribution of the software. For example, dvd-slideshow.

Developers may offer their own package repositories, called package personal archives (PPA).

You can run command apt-cache show on the package to see what package belongs to what folder:

apt-cache show make | grep Filename

Filename: pool/main/m/make-dfsg/make_4.3-4.1build1_amd64.deb

apt-cache show nvidia-compute-utils-495 | grep Filename

Filename: pool/restricted/n/nvidia-graphics-drivers-510/nvidia-compute-utils-495_510.108.03-0ubuntu0.22.04.1_amd64.deb

apt-cache show a2ps | grep Filename

Filename: pool/universe/a/a2ps/a2ps_4.14-7_amd64.deb

apt-cache show dvd-slideshow | grep Filename

Filename: pool/multiverse/d/dvd-slideshow/dvd-slideshow_0.8.6.1-1.1_all.deb

Debian system APT folders

  • main

  • contrib

  • non-free


3.5. Installing Ubuntu packages with APT (Exercises)

Clone kvm1 into kvm3:

virsh shutdown kvm1
virt-clone -o kvm1 -n kvm3 -f /home/hostadm/KVM/kvm3.qcow2

Start kvm3 VM and login to its console via virsh:

virsh start kvm3
virsh console kvm3

Fix the hostname by editing file /etc/hostname with nano editor:

sudo -s
nano /etc/hostname

change kvm1 for kvm3.

Run script

vm_id_reset.sh

Reboot the VM:

reboot

Login to kvm3.

Try executing command make, which doesn’t exist on the VM yet:

make

The system error comes: The program ‘make’ is currently not installed.

You can install it by typing: sudo apt install make Install recommended package make by running apt install:

apt install make

You should be able to run command make now.

Simulate package installation by using option -s:

apt install -s netpbm

Notice the prerequisite library package that would get installed, libnetpbm10 Download the package without installation:

apt install -d netpbm

Notice the deb files with the packages in the apt cache directory:

ls -l /var/cache/apt/archives

Another way to download a package and get it in the current working directory:

apt download netpbm

Install the package:

apt install netpbm

Updating all the installed packages

apt update
apt upgrade

The APT repository and software folders are defined in file /etc/apt/sources.list and optionally in directory /etc/apt/sources.list.d


3.6. Removing Ubuntu packages with APT (Exercises)

Remove package make by running apt remove:

apt remove make

Simulate package removal by using option -s:

apt remove -s netpbm

Notice package libnetpbm10 won’t be removed Simulate package removal with the dependencies:

apt autoremove -s netpbm

Notice the both packages would be removed. Remove the package with the dependencies:

apt autoremove netpbm

Both netpbm and libnetpbm10 should be gone now.


3.7. Search and quiry Ubuntu packages with APT (Exercises)

First, update the available package list from the Ubuntu repository:

apt update

Search for packages containing string make in their name or description:

apt-cache search make

Narrow down the search results for the names containing make:

apt-cache search --names-only make

Filter the output for word make

apt-cache search --names-only make | grep -w ^make

Get the information about package make:

apt-cache show make

List the packages that depend on package make. Forcefully removing make would break these packages.

apt-cache showpkg make

Show the packages a given package depends on:

apt-cache depends make

3.8. APT logs

The history of all apt commands is stored in file /var/log/apt/history.log

To browse through the apt history:

less /var/log/apt/history.log

To see the last 20 lines of the history:

tail -20 /var/log/apt/history.log

3.9. Quiry Ubuntu packages with dpkg (Exercises)

What packages are installed on the system?

dpkg -l

Quiry package status with dpkg:

dpkg -s make
dpkg -s tzdata

List the files contained in the package:

dpkg -L tzdata

What package contains a file? For example, command /bin/ls

dpkg -S /bin/ls

Reconfigure a package with command dpkg-reconfigure after installation:

dpkg-reconfigure tzdata

To see the current package configuration, command debconf-show can be used, for example:

debconf-show tzdata

If there is no package dependencies, then a package can be installed with command dpkg. Otherwise, use APT. Install package make:

cp /var/cache/apt/archives/make_4.3-4.1build1_amd64.deb /tmp
cd /tmp
dpkg -i make_4.3-4.1build1_amd64.deb

To see the list of the files, contained in the deb package file:

dpkg --contents make_4.3-4.1build1_amd64.deb

Remove package make by using command dpkg:

dpkg --purge make

Extract the package content into new directory PKGdir:

dpkg -X make_4.3-4.1build1_amd64.deb PKGdir

Browse the directory tree with command tree:

tree PKFdir

3.10. APT security (Exercise)

  • Packages spooled into /var/cache/apt/archives/ before installation.

  • File Packages (catalog) contains the MD5, SHA1, SHA256, SHA512 hashes, which are presented via apt-cache show command.

  • apt install verifies the hash of the installable package file with the published one.

  • The cached Packages file content is stored in /var/lib/apt.

  • The Packages file is signed with the maintainers GPG key.

  • The maintainers public GPG keys are stored in directory /etc/apt/trusted.gpg.d

Remove the gpg public keys:

rm /etc/apt/trusted.gpg.d/*

Run command below and see the error messages about unverifiable signature:

apt update

Restore the public keys:

apt install  ubuntu-keyring --reinstall

Check the installed trusted keys:

apt-key list

Run apt update again.


3.11. Adding APT repository

New apt lists should be either added to file /etc/apt/sources.list or added as new files in directory /etc/apt/sources.list.d

For example, lets add the repository for BeeGFS file system.

Download file beegfs-jammy.list from the vendor’s web site into directory /etc/apt/sources.list.d:

cd /etc/apt/sources.list.d

Download the vendor public key, dearmor, and store it in directory /etc/apt/keyrings:

cd /tmp
wget https://www.beegfs.io/release/beegfs_7.4.3/gpg/GPG-KEY-beegfs
cat GPG-KEY-beegfs  | sudo gpg --dearmor -o /etc/apt/keyrings/GPG-KEY-beegfs.gpg

Reference the key in file /etc/apt/sources.list.d/beegfs-jammy.list:

content of beegfs-jammy.list file

deb [signed-by=/etc/apt/keyrings/GPG-KEY-beegfs.gpg] https://www.beegfs.io/release/beegfs_7.4.3 jammy non-free

Update apt caches:

apt update

3.12. RedHat packages

RPM Package naming convention:

(package-name)-(source version)-(package release).(architecture).rpm

For example,

nano-5.6.1-5.el9.x86_64.rpm

Package name is nano. The source version is 5.6.1. The package release is 5.el9 (Release 5 for RedHat Enterprise Linux 9). Architecture is x86_64.


3.13. Installing and removing RedHat packages with DNF (Exercises)

DNF or Dandified YUM is the next-generation version of the Yellowdog Updater, Modified (yum), a package manager for .rpm-based Linux distributions such as RedHat, Fedora, and Rocky.

Clone your rocky9 VM into rocky91,

virt-clone -o rocky9 -n rocky91 -f /home/hostadm/KVM/rocky91.qcow2

Start rocky91 and login to its console via command virsh console:

virsh start rocky91
virsh console rocky91

Fix the hostname in file /etc/hostname for the correct one, rocky91

Run the following commands to reset the machine-id or rocky91 and release its DHCP IP address:

sudo dnf install dbus-tools
sudo rm -f /etc/machine-id
sudo dbus-uuidgen --ensure=/etc/machine-id
sudo dbus-uuidgen --ensure
sudo dhclient -r eth0

Reboot the VM:

sudo reboot

Clean the dnf cache:

dnf clean all

Install package netpbm on it:

dnf install netpbm

Reinstall package netpbm:

dnf reinstall netpbm

You can download packages without installation, for example:

dnf download make
ls -l make*

Check available updates for installed packages:

dnf check-update

Update package tzdata

dnf update tzdata

Updating all the installed packages:

dnf update

To remove an installed package:

dnf remove netpbm

The same can be accomplished with:

dnf erase netpbm

3.14. Search and quiry RPM packages with DNF (Exercises)

List the installed package and the package available for installation

dnf list gsl
dnf list coreutils

The output shows three columns - the package name and architecture, the package version, and the repository. The latter package showes up as installed (@ in front of the repo), and the former as available for installation.

To see just installed packages:

dnf list --installed
dnf repoquery --installed

To see packages available for installation:

dnf list --available
dnf repoquery

Search for packages containing string make in their name or description:

dnf search make

Get the information about package make:

dnf info make

List the packages that package make depends upon:

dnf deplist make

Identify the package that contains a specific file, for example /bin/ls:

dnf provides /usr/bin/ls

3.15. DNF repositories (Exercises)

Like in Ubuntu, the Redhat packages are sorted in repositories.

The dnf repositores are defined in directory /etc/yum.repos.d/*.repo

To see the available package repositories:

dnf repolist
  • BaseOS

  • AppStream

  • Extras

See disabled repositories:

dnf repolist --disabled

Packages can be installed only from enabled repositories.

To enable, for example repository baseos-source:

dnf config-manager --enable  baseos-source

Check the list of available repos:

dnf repolist

To see the packages in repo baseos-source:

dnf list --repo baseos-source

Add an external vendor repo, for example, BeeGFS with the .repo file in URL:

dnf config-manager --add-repo https://www.beegfs.io/release/beegfs_7.4.3/dists/beegfs-rhel9.repo

Import the vendor key:

rpm --import https://www.beegfs.io/release/beegfs_7.4.3/gpg/GPG-KEY-beegfs

Check the list of available repos:

dnf repolist

See repo file beegfs-rhel9.repo in directory /etc/yum.repos.d:

ls /etc/yum.repos.d

Install a package from the new repo:

dnf install beegfs-helperd

Remove the repo:

rm /etc/yum.repos.d/beegfs-rhel9.repo

Check the list of available repos:

dnf repolist

3.16. Advanced DNF functionalities

History of DNF transactions:

dnf history

It is possible to revert dnf installation or upgrade in case the old pkgs are still available in thge repos. For example to revert transaction 10:

dnf history undo 10

Roll back to transaction 9:

dnf history rollback 9

DNF also provides bundles of packages by

  • package groups

  • package modules

dnf group list
dnf module list

The detailed info on dnf can be found in the RedHat docs:

Managing software with the DNF tool


3.17. Query RPM packages with rpm (Exercises)

What packages are installed on the system?

rpm -qa

A friendly readable list comes after sorting the output:

rpm -qa | sort | less

If there is no package dependencies or the dependencies have already been resolved, then a package can be simply installed with command rpm from its file. Otherwise, use DNF. Install package make from its rpm file:

make-4.3-8.el9.x86_64.rpm

Quiry package status with rpm:

rpm -q make

Display information about the installed package:

rpm -qi make

List the files contained in the package:

rpm -ql make

Which package owns a file? For example, command /bin/ls

rpm -qf /bin/ls

RPM dependencies:

rpm -qR make

Try to remove package make by using command rpm:

rpm -e make

Quiry the package file:

rpm -qp  make-4.3-8.el9.x86_64.rpm
rpm -qlp make-4.3-8.el9.x86_64.rpm
rpm -qip make-4.3-8.el9.x86_64.rpm

The second command above shows the files contained in the package file, and the third command displays the info about the package. More info about command rpm can be found in the man pages:

man rpm