In many of these tutorials we speak of "package managers" and "package management tools." If you're new to the Linux world and don't quite understand what all the fuss is about, or if you're familiar with one package management tool but need to learn how to use another, this guide will provide a comparative introduction to major package management tools.
These instructions work with the Linode platform. If you don't have a Linode yet, sign up for a Linux VPS and get started today.
Contemporary distributions of Linux-based operating systems install software in pre-compiled "packages" which contain (for most systems) binaries of software, configuration files, and in most systems, information about dependencies. Furthermore, package management tools keep track of updates and upgrades so that we don't have to hunt down information about bug and security fixes.
Without package management, users must ensure that all of the required dependencies for a piece of software are installed and up to date, compile the software from the source code (which takes time, and introduces compiler-based variances from system to system), and manage configuration for each piece of software. Additionally, without package management, application files are located in the (hopefully) standard locations for the system to which the developer(s) are accustomed, regardless of what system you're using. In short, this becomes an utter mess.
Package management systems attempt to solve these problems, and are the tools through which developers attempt to increase the overall quality and coherence of a Linux-based operating system. Pursuant to these goals the features that (most) package management applications provide are:
In general we recommend, when installing new software, that you install the versions of software available in your distribution's repository and packaged for your operating system. If packages for the application or software that you need to install isn't available, we recommend that you find packages for your operating system or package the software rather than installing it manually.
The remainder of this guide will cover how to use specific package management systems, including how to compile and package software yourself.
The Debian package management system, based on a tool called dpkg with the very popular apt system is an incredibly powerful, popular, and useful method of package management. In addition to Debian 5 (known as "Lenny") a number of other prominent distributions of GNU/Linux are derived from the Debian system, most notably the Ubuntu family of distributions.
As a result these instructions are applicable for Debian and Ubuntu systems. While Debian and derived systems are not necessarily binary-compatible, .debs packaged for Debian are often compatible with Ubuntu (though this is not a supported workflow). Let's begin by reviewing some basic commands.
Chances are good that you're already familiar with apt-get, a command which uses the "advanced package tool" to interact with the operating system's underlying package system. The most relevant and useful commands are, (to be run as root):
While apt-get likely provides the most often used functionality of the package management, apt provides additional information that you may find useful in the apt-cache command.
In general, combining most of these commands with apt-cache show can provide you with a lot of useful information about your system, the software that you might want to install, and the software that you have already installed. If interacting with this information via the command line is difficult, both Debian and Ubuntu provide websites which present this information in an easier-to-see framework. If you're overwhelmed by apt-cache check out:
aptitude is another front-end interface for apt. It provides a graphical command line (via ncurses) interface to apt, which you might find useful for an easier approach to daily administrative tasks.
In addition to the graphical interface, aptitude provides a combined command line interface for most apt functionality. The salient commands are:
Aptitude also includes advanced functionality for "safe" upgrading (an upgrade that doesn't remove existing packages), as well as preventing the system from upgrading specific packages ("holding"). If this kind of functionality would be useful for you we encourage you to use the aptitude interface.
The file /etc/apt/sources.list controls which repositories apt constructs its database from. This file contains lines in the following format:
deb [location-of-resources] [distribution] [component(s)]
Here are some examples:
deb http://mirror.cc.columbia.edu/pub/linux/debian/debian/ lenny main contrib deb http://emacs.orebokech.com lenny main
The first line specifies the Columbia University mirror for the the "Lenny" distribution (Debian 5.0, Stable Release 14 February 2009), as well as the main and contributed components. The next line specifies the emacs.orebokech.com repository for Lenny, which provides regularly updated packages for emacs-snapshot (versions of emacs23, built from the current CVS tree), and its main component.
In general one does not want to add new entries to sources.list without a lot of scrutiny and diligence, as updating the package cache with additional repositories and running upgrades can sometimes result in the installation of broken packages, unmet dependencies, and system instability. In Debian systems, downgrading is often difficult.
For Debian systems, the repository names can either refer to the
distribution code name (version specific; eg. lenny for
current-stable, squeeze for testing, sid for unstable, etch for
old-stable) or to a specific branch (eg, oldstable, stable, testing,
unstable). For more information about Debian versions and choosing a
Debian version or branch, read the Debian releases and branches page
.
The component section of the line divides the repository based on how much support the developers of the operating system are able to offer for the contained packages (eg. main vs. contrib), or if the software is considered "free-software" or simply freely-distributable (eg. non-free).
The layout of sources.list is a bit different in Ubuntu systems. The lines are in the same format but the names of the distributions and components are different:
apt-get and apt-cache are merely front-ends that provide a more usable interface, and connections to repositories for the underlying package management tools called dpkg and debconf. These tools are quite powerful, and fully documenting their functionality is beyond the scope of this document. However, a basic understanding of how to use these tools is useful. The most useful commands are:
For more information about building your own packages, refer to the
Debian New Maintainers Guide
Fedora and CentOS are closely related distributions, being upstream and downstream (respectively) from Red Hat Enterprise Linux. Their main differences stem from how packages are chosen for inclusion in their repositories. From a package management perspective the tools are very similar.
Both systems use the yum program as a front end to interact with system repositories and install dependencies, and also include a lower level tool called rpm which allows you to interact with individual rpm packages.
Note: Many operating systems aside from RedHat and Fedora use rpm packages. These include OpenSuSE, AIX, and Mandriva; while it may be possible to install an RPM packaged for one operating system on another, this is not supported or recommended, and the results of this action can vary greatly.
The yum tool was initially developed for the Yellow Dog Linux system as a replacement for the then-default Yellow Dog Updater (yup). RedHat found the yum tool to be a valuable addition to their systems. Today yum is the default package and repository management tool for a number of operating systems.
From the command line, you can use the following subset of commands to interact with yum:
In many ways yum is simply a front end to a lower-level package management tool called rpm, similar to apt-get's relationship with dpkg. The chances are good that you will not need to interact with rpm very much, but there are a few commands that you may find useful.
The following commands should be run as root. The flags are expanded here in the pursuit of clarity, but the more conventional terse syntax is also included.
(_Note:_ rpm does no dependency resolution. You must install dependencies manually when using rpm.) For more information about rpm please consult these external sources:
The file located at /etc/yum.conf provides system-wide configuration options for yum, as well as information about repositories. Repository information may also be located in files ending in .repo under /etc/yum.repos.d
The options in the [main] stanza are pretty self-explanatory and shouldn't need modification, though you set alternate logging and cache locations for the database with the following lines in /etc/yum.conf:
logfile=/var/log/yum.log cachedir=/var/cache/yum
To define a new stanza for a new repository use the following template, replacing the capitalized strings with actual values:
[REPO-NAME] name=REPOSITORY-NAME mirrorlist=HTTP-ACCESSIBLE-MIRROR-LIST #baseurl=BASE-URL-FOR-REPOSITORY gpgcheck=BOOLEAN-VALUE[1-or-0]-TO-VERIFY-REPOSITORY gpgkey=FILE-PATH-TO-GPG-KEY
The following example is the default configuration for the "Base" repository in CentOS 5.2:
[base] name=CentOS-$releasever - Base mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os #baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
ArchLinux uses binary packages in a .tar.gz format, and also provides a "ports" build system that facilitates building packages.
The Arch tool, pacman is sophisticated, complete, modern and provides rich and helpful output. ArchLinux runs on a "rolling release" schedule, which means packages are added to the main repository when they (and their dependencies) are deemed ready for production. This means that there aren't release versions of Arch, as all systems once upgraded are of equivalent version.
Therefore it is incumbent upon administrators of ArchLinux to consider the output of pacman carefully before agreeing to upgrade or update any packages.
While the pacman tool is very powerful, it is also very simple. We encourage you to become more familiar with the tool, but there are three core commands for basic package management: The list below include the verbose and terse forms of the command:
Note that the terse flags are all uppercase and case-sensitive. These terse flags are often combined with additional flags for additional functionality. Here are some examples and a brief description of the functionality they provide:
pacman's configuration is defined in the /etc/pacman.conf file, while the addresses of the repository mirrors are contained in /etc/pacman.d/mirrorlist. The mirror list was created and prioritized during the installation process and you probably will not need to alter this.
The options provided in the stock /etc/pacman.conf are reasonably self explanatory and are beyond the scope of this document. (You may access the manual page for this configuration file with the command man pacman.conf).
While it is unlikely that you would need to modify the default pacman.conf for most installations, know that inside of pacman.conf you can change default installation and logging directories and specify packages to be held back from upgrades.
Additionally, if you need to add an additional third party repository to pacman, you can do that by adding a repository stanza like this:
[REPOSITORY-NAME] Server = SERVER-LOCATION Include = REPOSITORY-LIST
Note, the Server = and Include = lines are both optional, and the order of presentation of servers and includes indicates their priority. By default, the testing repository is disabled, which is probably wise if you're planning to use the system for production work; however if you need bleeding-edge packages, uncomment those lines.
The Arch Build System provides a method for users to compile and install software not included in the Arch repository within the pacman framework. This brief guide outlines the steps to building a package using the abs.
All commands explained here should be run as root. Begin by installing the abs framework and the base-devel packages using the following command:
pacman -Sy abs base-devel
Now, edit /etc/abs.conf so that the REPOS line indicates all of the proper repositories. Note, repositories prefixed with a bang (eg. !) are disabled. The line might look like:
REPOS=(core extra community !testing)
To create a local ABS tree in /var/abs, run the the abs command as root. You may now browse /var/abs which contains a representation of the package collection with folders representing each repository, category, and piece of software.
Arch recommends that you create a build directory at another location, perhaps ~/abs/, where actual building will occur.
Begin the build process by copying the files from the ABS tree into your build directory, like so (not as root):
cp -r /var/abs/[REPO]/[PACKAGE] ~/abs
Now, change to the package's directory:
cd ~/abs/[PACKAGE]
You have the option of modifying the PKGBUILD file. There's a build shell function where you can add additional patches to the files if you have any modifications to the software or the build process if you need to. That shell function generally looks like:
build() {
cd $startdir/src/$pkgname-$pkgver.orig
patch -Np1 -i
$startdir/src/${pkgname}_${pkgver}-$_patchlevel.diff || return 1
./configure --prefix=/usr
make || return 1
make install
}
Now you're ready to build the package. Use the following command as a normal, non-root user:
makepkg -s
makepkg creates a package that contains dependency information. As root, issue the following command:
pacman -U [package-file-name].pkg.tar.gz
Make sure to type the full package name exactly as it appears in the file system. Arch will now install the package and any required dependencies.
Because the ABS system downloads source and versions of the PKGBUILD file as it creates the package--sometimes checking out a copy of the source code from the version control system, we don't recommend deleting or removing files from the build directory hierarchy.
The Gentoo Linux operating system is a unique and flexible distribution. Gentoo provides the entire operating system in source format. These source packages, in concert with "ebuild" scripts, provide a sophisticated package management system that borrows and builds on many concepts from the BSD world's "ports" system.
Compiling the entire system from source is purported to offer some slight performance benefit, though this benefit may be hard to discern in a virtualized environment. Furthermore, the process of compiling software from source takes a significant amount of time. Nevertheless, many users enjoy the portage framework and the Gentoo operating system for specialized deployments.
Like Arch Linux, the Gentoo project produces new versions of Gentoo Linux on a "rolling release" cycle. In these distributions new versions of individual packages are released when the packages are deemed ready for production.
This section addresses common package management tasks and functions using the "emerge" front end for the portage system. We encourage you to install the "gentoolkit" to provide additional package management tools, such as equery. You can install this package with the following command:
emerge app-portage/gentoolkit
Portage also makes it possible to install additional variants of a package with the "USE flags" options. To discover which USE flags are available for a given package, issue the following command:
equery uses [package-name]
The equery command depends on the gentoolkit package. This will provide information about what USE flags are available and which have been installed. To specify additional USE flags, issue a command in the following form:
USE="[flags]" emerge [package-name]
This will install the specified package with the appropriate options enabled.
This guide is licensed under a Creative Commons Attribution-No Derivative Works 3.0 United States License.
Please feel free to redistribute unmodified copies of it as long as attribution is provided, preferably via a link to this page.
|
Submitted by pparadis on Thursday, July 30 2009 at 11:21:26 GMT Thanks for the note, jldugger. Fixed now. |
Got a comment?