5.4.

Manipulating Packages with dpkg

http://debian-handbook.info/browse/wheezy/sect.manipul...

Prev

The Debian Administrator's Handbook

D ow nl oa d th

Next

e eb oo k

5.4. Manipulating Packages with dpkg

dpkg is the base command for handling Debian packages on the system. If you have .deb packages, it is dpkg that allows installation or analysis of their contents. But this program only has a partial view of the Debian universe: it knows what is installed on the system, and whatever it is given on the command line, but knows nothing of the other available packages. As such, it will fail if a dependency is not met. Tools such as apt-get, on the contrary, will create a list of dependencies to install everything as automatically as possible.
NOTE dpkg or apt-get? dpkg should be seen as a system tool (backend), and apt-get as a tool closer to the user, which overcomes the limitations of the former. These tools work together, each one with its particularities, suited to specific tasks.

5.4.1. Installing Packages dpkg is, above all, the tool for installing an already available Debian package (because it does not download anything). To do this, we use its -i or --install option. Example 5.2. Installation of a package with dpkg
# dpkg -i man-db_2.6.2-1_amd64.deb (Reading database ... 96357 files and directories currently installed.) Preparing to replace man-db 2.6.1-3 (using man-db_2.6.2-1_amd64.deb) ... Unpacking replacement man-db ... Setting up man-db (2.6.2-1) ... Building database of manual pages ...

We can see the different steps performed by dpkg; we know, thus, at what point any error may have occurred. The installation can also be effected in two stages: first unpacking, then configuration. apt-get takes advantage of this, limiting the number of calls to dpkg (since each call is costly, due to loading of the database in memory, especially the list of already installed files). Example 5.3. Separate unpacking and configuration
# dpkg --unpack man-db_2.6.2-1_amd64.deb (Reading database ... 96357 files and directories currently installed.) Preparing to replace man-db 2.6.2-1 (using man-db_2.6.2-1_amd64.deb) ... Unpacking replacement man-db ... # dpkg --configure man-db Setting up man-db (2.6.2-1) ... Building database of manual pages ...

1 of 9

10/01/2013 12:41 PM

5.4. Manipulating Packages with dpkg

http://debian-handbook.info/browse/wheezy/sect.manipul...

Sometimes dpkg will fail to install a package and return an error; if the user orders it to ignore this, it will only issue a warning; it is for this reason that we have the different --force-* options. The dpkg --force-help command, or documentation of this command, will give a complete list of these options. The most frequent error, which you are bound to encounter sooner or later, is a file collision. When a package contains a file that is already installed by another package, dpkg will refuse to install it. The following messages will then appear:
nl oa d th e eb oo k
Unpacking libgdm (from .../libgdm_3.8.3-2_amd64.deb) ... dpkg: error processing /var/cache/apt/archives/libgdm_3.8.3-2_amd64.deb (--unpack): trying to overwrite '/usr/bin/gdmflexiserver', which is also in package gdm3 3.4.1-9

In this case, if you think that replacing this file is not a significant risk to the stability of your system (which is usually the case), you can use the option --force-overwrite, which tells dpkg to ignore this error and overwrite the file. While there are many available --force-* options, only --force-overwrite is likely to be used regularly. These options only exist for exceptional situations, and it is better to leave them alone as much as possible in order to respect the rules imposed by the packaging mechanism. Do not forget, these rules ensure the consistency and stability of your system.
CAUTION Effective use of --force-* If you are not careful, the use of an option --force-* can lead to a system where the APT family of commands will refuse to function. In effect, some of these options allow installation of a package when a dependency is not met, or when there is a conflict. The result is an inconsistent system from the point of view of dependencies, and the APT commands will refuse to execute any action except those that will bring the system back to a consistent state (this often consists of installing the missing dependency or removing a problematic package). This often results in a message like this one, obtained after installing a new version of rdesktop while ignoring its dependency on a newer version of the libc6:
# apt-get dist-upgrade [...] You can run "apt-get -f install" to correct these problems. The following packages contain unmet dependencies: rdesktop: Depends on: libc6 (>= 2.5) but 2.3.6.ds1-13etch7 is installed E: missing dependencies. Try to use the option -f.

A courageous administrator who is certain of the correctness of their analysis may choose to ignore a dependency or conflict and use the corresponding --force-* option. In this case, if they want to be able to continue to use apt-get or aptitude, they must edit /var/lib/dpkg/status to delete/modify the dependency, or conflict, that they chose to override. This manipulation is an ugly hack, and should never be used, except in the most extreme case of necessity. Quite frequently, a more fitting solution is to recompile the package that's causing the problem (see Section 15.1, Rebuilding a Package from its Sources) or use a new version (potentially corrected) from a repository such as the stable-backports one (see Section 6.1.2.4, Stable Backports).

D ow

5.4.2. Package Removal Invoking dpkg with the -r or --remove option, followed by the name of a package, removes that package. This removal is, however, not complete: all of the configuration files, maintainer scripts, log files (system logs) and other user data handled by the package remain. That way disabling the program is easily done by uninstalling it, and it's still possible to quickly reinstall it with the same configuration. To completely remove everything associated with a package, use the -P or --purge option, followed by the package name.

2 of 9

10/01/2013 12:41 PM

5.4. Manipulating Packages with dpkg

http://debian-handbook.info/browse/wheezy/sect.manipul...

Example 5.4. Removal and purge of the debian-cd package

# dpkg -r debian-cd (Reading database ... 97747 files and directories currently installed.) Removing debian-cd ... # dpkg -P debian-cd (Reading database ... 97401 files and directories currently installed.) Removing debian-cd ... Purging configuration files for debian-cd ...

5.4.3. Querying dpkg's Database and Inspecting .deb Files

BACK TO BASICS Option syntax Most options are available in a long version (one or more relevant words, preceded by a double dash) and a short version (a single letter, often the initial of one word from the long version, and preceded by a single dash). This convention is so common that it is a POSIX standard.

Before concluding this section, we will study dpkg options that query the internal database in order to obtain information. Giving first the long options and then corresponding short options (that will evidently take the same possible arguments) we cite --listfiles package (or -L), which lists the files installed by this package; --search file (or -S), which finds the package(s) containing the file; --status package (or -s), which displays the headers of an installed package; --list (or -l), which displays the list of packages known to the system and their installation status; --contents file.deb (or -c), which lists the files in the Debian package specified; --info file.deb (or -I), which displays the headers of this Debian package.

3 of 9

10/01/2013 12:41 PM

5.4. Manipulating Packages with dpkg

http://debian-handbook.info/browse/wheezy/sect.manipul...

Example 5.5. Various queries with dpkg

4 of 9

10/01/2013 12:41 PM

5.4. Manipulating Packages with dpkg

http://debian-handbook.info/browse/wheezy/sect.manipul...

$ dpkg -L base-passwd /. /usr /usr/sbin /usr/sbin/update-passwd /usr/share /usr/share/man /usr/share/man/ru /usr/share/man/ru/man8 /usr/share/man/ru/man8/update-passwd.8.gz /usr/share/man/pl /usr/share/man/pl/man8 /usr/share/man/pl/man8/update-passwd.8.gz /usr/share/man/man8 /usr/share/man/man8/update-passwd.8.gz /usr/share/man/fr /usr/share/man/fr/man8 /usr/share/man/fr/man8/update-passwd.8.gz /usr/share/doc-base /usr/share/doc-base/users-and-groups /usr/share/base-passwd /usr/share/base-passwd/passwd.master /usr/share/base-passwd/group.master /usr/share/lintian /usr/share/lintian/overrides /usr/share/lintian/overrides/base-passwd /usr/share/doc /usr/share/doc/base-passwd /usr/share/doc/base-passwd/copyright /usr/share/doc/base-passwd/users-and-groups.html /usr/share/doc/base-passwd/changelog.gz /usr/share/doc/base-passwd/users-and-groups.txt.gz /usr/share/doc/base-passwd/README $ dpkg -S /bin/date coreutils: /bin/date $ dpkg -s coreutils Package: coreutils Essential: yes Status: install ok installed Priority: required Section: utils Installed-Size: 13822 Maintainer: Michael Stone <mstone@debian.org> Architecture: amd64 Multi-Arch: foreign Version: 8.13-3.5 Replaces: mktemp, timeout Depends: dpkg (>= 1.15.4) | install-info Pre-Depends: libacl1 (>= 2.2.51-8), libattr1 (>= 1:2.4.46-8), libc6 (>= 2.7), libselinux1 (>= 1.32) Conflicts: timeout Description: GNU core utilities This package contains the basic file, shell and text manipulation utilities which are expected to exist on every operating system. . Specifically, this package includes: arch base64 basename cat chcon chgrp chmod chown chroot cksum comm cp csplit cut date dd df dir dircolors dirname du echo env expand expr

5 of 9

10/01/2013 12:41 PM

5.4. Manipulating Packages with dpkg

http://debian-handbook.info/browse/wheezy/sect.manipul...

factor false flock fmt fold groups head hostid id install join link ln logname ls md5sum mkdir mkfifo mknod mktemp mv nice nl nohup nproc od paste pathchk pinky pr printenv printf ptx pwd readlink rm rmdir runcon sha*sum seq shred sleep sort split stat stty sum sync tac tail tee test timeout touch tr true truncate tsort tty uname unexpand uniq unlink users vdir wc who whoami yes Homepage: http://gnu.org/software/coreutils $ dpkg -l 'b*' Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-============-==============-==============-================================ un backupninja <none> (no description available) un base <none> (no description available) un base-config <none> (no description available) ii base-files 7.1 amd64 Debian base system miscellaneous ii base-passwd 3.5.26 amd64 Debian base system master passwo [...] $ dpkg -c /var/cache/apt/archives/gnupg_1.4.12-7_amd64.deb drwxr-xr-x root/root 0 2013-01-02 19:28 ./ drwxr-xr-x root/root 0 2013-01-02 19:28 ./usr/ drwxr-xr-x root/root 0 2013-01-02 19:28 ./usr/share/ drwxr-xr-x root/root 0 2013-01-02 19:28 ./usr/share/doc/ drwxr-xr-x root/root 0 2013-01-02 19:28 ./usr/share/doc/gnupg/ -rw-r--r-- root/root 3258 2012-01-20 10:51 ./usr/share/doc/gnupg/TODO -rw-r--r-- root/root 308 2011-12-02 18:34 ./usr/share/doc/gnupg/FAQ -rw-r--r-- root/root 3543 2012-02-20 18:41 ./usr/share/doc/gnupg /Upgrading_From_PGP.txt -rw-r--r-- root/root 690 2012-02-20 18:41 ./usr/share/doc/gnupg /README.Debian -rw-r--r-- root/root 1418 2012-02-20 18:41 ./usr/share/doc/gnupg /TODO.Debian [...] $ dpkg -I /var/cache/apt/archives/ new debian package, version 2.0. size 1952176 bytes: control archive=3312 bytes. 1449 bytes, 30 lines control 4521 bytes, 65 lines md5sums 479 bytes, 13 lines * postinst #!/bin/sh 473 bytes, 13 lines * preinst #!/bin/sh Package: gnupg Version: 1.4.12-7 Architecture: amd64 Maintainer: Debian GnuPG-Maintainers <pkg-gnupg-maint@lists.alioth.debian.org> Installed-Size: 4627 Depends: libbz2-1.0, libc6 (>= 2.4), libreadline6 (>= 6.0), libusb-0.1-4 (>= 2:0.1.12), zlib1g (>= 1:1.1.4), dpkg (>= 1.15.4) | install-info, gpgv Recommends: libldap-2.4-2 (>= 2.4.7), gnupg-curl Suggests: gnupg-doc, xloadimage | imagemagick | eog, libpcsclite1 Section: utils Priority: important Multi-Arch: foreign Homepage: http://www.gnupg.org Description: GNU privacy guard - a free PGP replacement GnuPG is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant

6 of 9

10/01/2013 12:41 PM

5.4. Manipulating Packages with dpkg

http://debian-handbook.info/browse/wheezy/sect.manipul...

with the proposed OpenPGP Internet standard as described in RFC 4880. [...]

D ow nl oa d th e eb oo k

GOING FURTHER Comparison of versions

Since dpkg is the program for handling Debian packages, it also provides the reference implementation of the logic of comparing version numbers. This is why it has a --compare-versions option, usable by external programs (especially configuration scripts executed by dpkg itself). This option requires three parameters: a version number, a comparison operator, and a second version number. The different possible operators are lt (strictly less than), le (less than or equal to), eq (equal), ne (not equal), ge (greater than or equal to), and gt (strictly greater than). If the comparison is correct, dpkg returns 0 (success); if not, it gives a non-zero return value (indicating failure).
$ $ 0 $ $ 1 $ $ 1 dpkg --compare-versions 1.2-3 gt 1.1-4 echo $? dpkg --compare-versions 1.2-3 lt 1.1-4 echo $? dpkg --compare-versions 2.6.0pre3-1 lt 2.6.0-1 echo $?

Note the unexpected failure of the last comparison: for dpkg, pre, usually denoting a pre-release, has no particular meaning, and this program compares the alphabetic characters in the same way as the numbers (a < b < c ...), in alphabetical order. This is why it considers 0pre3 to be greater than 0. When we want a package's version number to indicate that it is a pre-release, we use the tilde character, ~:
$ dpkg --compare-versions 2.6.0~pre3-1 lt 2.6.0-1 $ echo $? 0

5.4.4. dpkg's Log File dpkg keeps a log of all of its actions in /var/log/dpkg.log. This log is extremely verbose, since it details every one of the stages through which packages handled by dpkg go. In addition to offering a way to track dpkg's behavior, it helps, above all, to keep a history of the development of the system: one can find the exact moment when each package has been installed or updated, and this information can be extremely useful in understanding a recent change in behavior. Additionally, all versions being recorded, it is easy to cross-check the information with the changelog.Debian.gz for packages in question, or even with online bug reports. 5.4.5. Multi-Arch Support All Debian packages have an Architecture field in their control information. This field can contain either all (for packages that are architecture independent) or the name of the architecture that it targets (like amd64, armhf, ). In the latter case, by default, dpkg will only accept to install the package if its architecture matches the host's architecture as returned by dpkg --print-architecture. This restriction ensures that users do not end up with binaries compiled for an incorrect architecture. Everything would be perfect except that (some) computers can run binaries for multiple architectures, either natively (an amd64 system can run i386 binaries) or through emulators. 5.4.5.1. Enabling Multi-Arch

7 of 9

10/01/2013 12:41 PM

5.4. Manipulating Packages with dpkg

http://debian-handbook.info/browse/wheezy/sect.manipul...

dpkg's multi-arch support allows users to define foreign architectures that can be installed on the current system. This is simply done with dpkg --add-architecture like in the example below. There's a corresponding dpkg --remove-architecture to drop support of a foreign architecture, but it can only be used when no packages of this architecture remain.
D ow nl oa d th e eb oo
# dpkg --print-architecture amd64 # dpkg --print-foreign-architectures #dpkg -i gcc-4.7-base_4.7.2-5_armhf.deb dpkg: error processing gcc-4.7-base_4.7.2-5_armhf.deb (--install): package architecture (armhf) does not match system (amd64) Errors were encountered while processing: gcc-4.7-base_4.7.2-5_armhf.deb # dpkg --add-architecture armhf # dpkg --add-architecture armel # dpkg --print-foreign-architectures armhf armel # dpkg -i gcc-4.7-base_4.7.2-5_armhf.deb Selecting previously unselected package gcc-4.7-base:armhf. (Reading database ... 97399 files and directories currently installed.) Unpacking gcc-4.7-base:armhf (from gcc-4.7-base_4.7.2-5_armhf.deb) ... Setting up gcc-4.7-base:armhf (4.7.2-5) ... # dpkg --remove-architecture armhf dpkg: error: cannot remove architecture 'armhf' currently in use by the database # dpkg --remove-architecture armel # dpkg --print-foreign-architectures armhf

NOTE APT's multi-arch support APT will automatically detect when dpkg has been configured to support foreign architectures and will start downloading the corresponding Packages files durings its update process. Foreign packages can then be installed with apt-get install package:architecture.

IN PRACTICE Using proprietary i386 binaries on amd64 There are multiple use cases for multi-arch, but the most popular one is the possibbility to execute 32 bit binaries (i386) on 64 bit systems (amd64), in particular since several popular proprietary applications (like Skype) are only provided in 32 bit versions. Before multi-arch, when you wanted to uses a 32 bit appliction on a 64 bit system, you had to install ia32-libs to have 32 bit versions of the most popular libraries. That package was a huge hack that repackaged 32 bit libraries in an amd64 package.

5.4.5.2. Multi-Arch Related Changes To make multi-arch actually useful and usable, libraries had to be repackaged and moved to an architecturespecific directory so that multiple copies (targeting different architectures) can be installed alongside. Such updated packages contain the Multi-Arch: same header field to tell the packaging system that the various architectures of the package can be safely co-installed (and that those packages can only satisfy dependencies of packages of the same architecture). Since multi-arch made its debut in Debian Wheezy, not all libraries have been converted yet (but all libraries which were embedded in ia32-libs do!).

8 of 9

10/01/2013 12:41 PM

5.4. Manipulating Packages with dpkg

http://debian-handbook.info/browse/wheezy/sect.manipul...

$ dpkg -s gcc-4.7-base dpkg-query: error: --status needs a valid package name but 'gcc-4.7-base' is not: ambiguous package name 'gcc-4.7-base' with more than one installed instance Use --help for help about querying packages. $ dpkg -s gcc-4.7-base:amd64 gcc-4.7-base:armhf | grep ^Multi Multi-Arch: same Multi-Arch: same $ dpkg -L libgcc1:amd64 |grep .so /lib/x86_64-linux-gnu/libgcc_s.so.1 $ dpkg -S /usr/share/doc/gcc-4.7-base/copyright gcc-4.7-base:armhf, gcc-4.7-base:amd64: /usr/share/doc/gcc-4.7-base/copyright

It is worth noting that Multi-Arch: same packages must have their names qualified with their architecture to be unambiguously identifiable. They also have the possibility to share files with other instances of the same package; dpkg ensures that all packages have bit-for-bit identical files when they are shared. Last but not least, all instances of a package must have the same version. They must thus be upgraded together. Multi-Arch support also brings some interesting challenges in the way dependencies are handled. Satisfying a dependency requires either a package marked Multi-Arch: foreign or a package whose architecture matches the one of the package declaring the dependency (in this dependency resolution process, architecture-independent packages are assumed to be of the same architecture than the host). A dependency can also be weakened to allow any architecture to fulfill it, with the package:any syntax, but foreign packages can only satisfy such a dependency if they are marked Multi-Arch: allowed.

Prev 5.3. Structure of a Source Package

Up

Home

Next 5.5. Coexistence with Other Packaging Systems

9 of 9

10/01/2013 12:41 PM