Modern systems based on Linux include a huge number of resources commonly used by many programs, such as shared libraries of standard functions, executable files, scripts and standard utilities necessary for the normal work of many programs. Removal or upgrade of one of the system components may cause other dependent components to stop functioning correctly or even make the entire system inoperable. In the context of system administration such problems are called loss of system integrity. The goal of an administrator is to ensure that the system contains compatible versions of all the necessary components (system integrity control).
To install, delete and update program packages and to maintain the integrity of the Linux system, package managers (such as RPM in RedHat distributions or dpkg in Debian GNU/Linux) began to be used primarily. For a package manager, software consists of sets of components known as software packages. Such components contain sets of executables and auxiliary files needed for the correct work of software. Package managers unify and automate the process of building binary packages and make program installation easier, allowing to directly check for availability of components with the required versions at installation time, and performing all the procedures necessary to register the program in all the user operating environments. As soon as installation is completed, the program becomes available to from the command prompt and appears in the menus of all the graphical environments.
Thanks to package managers, Linux users usually do not need to call the installation procedures of individual applications directly, or to directly interact with directories in which executable files and other program components are installed (these normally are /usr/bin and /usr/share/package_name). All this work is done by a package manager. This is why program installation, uninstallation and upgrade are usually referred to as package management in Linux.
Components used by different programs are often gathered in separate packages. Package A, needed for software included in Package B to function, is marked in a special way. In this case it is said that Package B depends on Package A, or that there exists a dependency between packages A and B.
Tracking dependencies among such packages is a serious task for any Linux distribution. Some packages may be mutually replaceable, there may be several packages containing a required resource.
The task of controlling integrity and consistency of software installed in the system is more difficult. Let us imagine that certain programs A and B require the presence of component C, version 1.0, in the system. Update of package A, which requires upgrading of component C to a new version (let's say 2.0) that provides a new access interface, will thus necessarily lead to the update of program B.
However, package managers are not always capable of preventing all possible errors during program installation and uninstallation. Neither can they effectively restore system integrity. This defect is especially obvious when the system is updated from a centralized repository of packages, in which packages are continuously updated and sometimes split into smaller ones etc. This problem stimulated the creation of software package management and integrity maintenance systems.
To automate this process, the Advanced Packaging Tool (APT) is used. Such automation is achieved by creating one or several external repositories, in which program packages are stored. Packages installed in the system are checked against these repositories. A repository may contain an official version of a distribution, updated by developers as new versions of programs are released. However, it may also contain packages developed locally, for instance, builds of internal company projects.
Thus there are two databases at the disposal of APT: one describes packages installed in the system, the second one describes the external repository. APT keeps track of integrity of the installed system, and, if any inconsistencies in package dependencies are discovered, it uses data from the external repository to resolve conflicts and to find a correct way to fix the problem.
APT was initially developed to manage installation and removal of programs in the Debian GNU/Linux distribution. During development, the goal of replacing dselect, a package selection utility used in Debian, with a new one was set. The new system had to have wider functionality and a simple user interface. It also had to allow users to perform installation, updates and routine management of programs installed on a computer without the need to study subtleties of a software package manager used in the distribution.
Such attractive features had for a long time been available only to Debian users, because only one package manager had been supported by APT, namely the dpkg package manager, used in Debian, incompatible with RPM, used in ALT Linux. This incompatibility mostly lies in different data formats (although converter applications exist), but there are also other differences, which are outside the scope of this description.
However, APT was initially conceived as independent of the particular method of handling packages installed in the system, and this peculiarity allowed developers from the Brazilian company Conectiva to implement the support of RPM package manager in it. Thus users of distributions based on RPM (ALT Linux being one of them) gained an opportunity to use this powerful tool.
APT is at the present time still in its development stage, and the current version that supports RPM is classified as unstable. This, however, does not mean that operations carried out with the help of APT will inevitably make the system unstable. On the contrary, strict control over the system integrity is possible with APT: broken dependencies between installed packages can be checked and the found errors can be corrected.
synaptic is a graphical wrapper for APT. It is significantly simpler to use than the other APT interfaces. Instead of using a tree to represent packages, synaptic is based on a powerful system of package filtering. This makes the interface considerably simpler and yet allows much more flexibility for navigation of very long package lists.
The APT system consists of several utilities. The main and most commonly used one is the apt-get package managing utility. It automatically resolves dependencies among packages and strictly controls their integrity while installation, removal or upgrade of packages take place.
apt-get allows to install into the system packages that require other, still uninstalled, ones. In this case it determines which packages need to be installed and installs them, using all the available repositories. In order for apt-get to be able to use a particular repository, information about it should be placed in /etc/apt/sources.list and the
# apt-get update
command should be executed. This command should also be run every time you want to work with a repository after a long break, because when APT searches for packages it should use the database that reflects the actual state of the repository. Such a database is created again every time when an update takes place in the repository, i.e. when a package is added, deleted or renamed. To speed up its work, apt-get stores a local copy of the database, which after a certain time may not reflect the real state of the repository.
The distribution CD may also be used as a repository, because each disk contains all the information needed by APT about packages stored on it. To use the CD as a source, you need to use the apt-cdrom utility with a single parameter: add. This operation should be repeated for each CD in a set.
After this an entry about the added disk will appear in /etc/apt/sources.list:
rpm cdrom:[Compact Disk 1]/ ALTLinux main rpm-src cdrom:[Compact Disk 1]/ ALTLinux main
If there is no Internet connection, lines in /etc/apt/sources.list that contain information about Internet resources should be commented out. Immediately after the installation of the ALT Linux distribution several such resources are listed in /etc/apt/sources.list:
repository of security updates for the distribution;
binary packages from the Sisyphus repository;
source code packages that were used to build the binary packages in the Sisyphus repository.
The Sisyphus repository developed by ALT Linux Team contains a large number of programs, including those that are not a part of any distribution. You should keep in mind that the repository is not an independent distribution on its own. It reflects the current state of the development process and thus may contain unstable versions of packages. Well-tested snapshots of the repository, also known as distributions, are periodically released on the basis of the Sisyphus project. The repository is updated by developers daily, and thus the local database should be synchronized with the ALT Linux server (or its mirrors) before starting to work with APT. Such synchronization may be done once a day using the apt-get update command. For repositories that are stored on compact disks and initialized using the apt-cdrom add command, synchronization may only be done once when the initialization is made.
If you do not know the exact name of your package, you can use the apt-cache utility to search for it. It allows searching by package description as well as by its name.
The following command: apt-cache search substring allows to find all packages that contain the specified substring in their names and descriptions. For example:
$ apt-cache search master xcdroast - A GUI program for burning Cds bluefish - A WYSIWYG GPLized HTML editor xmess - X-Mess Multi Emulator Super System mkisofs - Creates an image of an ISO9660 filesystem
In order to find out more about each of the found packages and to read their descriptions, you can use the apt-cache show command, which will display information about a package from the repository:
Package: bluefish Section: Networking/WWW Size of packages installed: 2018 Packed by: AEN <aen@logic.ru> Version: 1:0.7-alt0.1 .. Provided by: bluefish Architecture: i586 .. File name: bluefish-0.7-alt0.1.i586.rpm Description: A WYSIWYG GPLized HTML editor Bluefish is a programmer's HTML editor, designed to save the experienced webmaster some keystrokes. It features a multiple file editor, multiple toolbars, custom menus, image and thumbnail dialogs, open from the web, HTML validation and lots of wizards. It is in continuous development, but it's already one of the best WYSIWYG HTML editors.
As you may notice, the word “master”, given as a search substring, is not present in the short description of this package. But the word “webmaster” is present, which explains the appearance of this package in the search results for the substring “master”.
Installation of packages with APT is done using the following command:
# apt-get install package_name
Sometimes, as a result of direct operations with packages without the use of APT, the system integrity is compromised, and then apt-get fails to perform installation, removal and update operations. In this case, the operation should be repeated with the option -f, which makes apt-get correct broken dependencies, if possible. When apt-get is run with this option, it is necessary to carefully watch its messages, analyze them and strictly follow the given recommendations.
The command apt-get install package_name is used to update a package or a group of packages that is already installed. In this case apt-get performs an additional check if the package version in the repository is newer in comparison to the one installed in the system.
Installation of the clanbomber package with the apt-get install clanbomber command will lead to the following dialogue with APT:
Reading Package Lists... Done Building Dependency Tree... Done The following extra packages will be installed: clanlib clanlib-mikmod clanlib-sound The following NEW packages will be installed: clanbomber clanlib clanlib-mikmod clanlib-sound 0 packages upgraded, 4 newly installed, 0 removed and 0 not upgraded. Need to get 0B/2399kB of archives. After unpacking 3322kB of additional disk space will be used. Do you want to continue? [Y/n] Executing RPM (/bin/rpm -Uvh --fancypercent --oldpackage)... Preparing... ########################################### [100%] 1: clanlib ########################################### [ 25%] 2: clanlib-mikmod ########################################### [ 50%] 3: clanlib-sound ########################################### [ 75%] 4: clanbomber ########################################### [100%]
apt-get always asks for a confirmation to perform installation and update operations, with the exception of the case when only one package needs to be installed or updated. If you are not certain that the system will remain functional after the operation is performed, you should run apt-get with the -S option. In this case a report about the update operation will be displayed, but no actual update will take place.
If a conflict is discovered between packages installed in the system, apt-get -f install command should be executed. APT will then try to resolve the conflicts, suggesting to delete or replace conflicting packages. All the actions in this mode necessarily require a confirmation from the user.
To remove a package, the apt-get remove package_name command should be used. In order not to compromise the system integrity, all the packages dependent on the one being removed are also removed. This is done because if a component required by an application to work (for instance, a library) is removed, the application itself becomes unusable. If a package that is one of the core components of the system is removed, apt-get will require an additional confirmation of the operation being executed in order to prevent a possible accidental error.
If you try to remove a core system component using the apt-get command, you will see the following request to confirm the removal operation:
# apt-get remove filesystem Reading Package Lists... Done Collecting File Provides... Done Building Dependency Tree... Done The following packages will be REMOVED: basesystem filesystem interactivesystem kdenetwork-kppp libwvstreams mgetty mgetty-viewfax mgetty-voice minicom ppp vsftpd wvdial WARNING: The following essential packages will be removed This should NOT be done unless you know exactly what you are doing! basesystem filesystem (due to basesystem) 0 packages upgraded, 0 newly installed, 12 removed and 0 not upgraded. Need to get 0B of archives. After unpacking 4881kB disk space will be freed. You are about to do something potentially harmful To continue type in the phrase 'Yes, do as I say!' ?]
Each situation in which APT displays such a message should be considered separately. But the likelihood of the system becoming dysfunctional after the execution of this command is quite great.
To upgrade all the installed packages, the apt-get upgrade command is used. It allows to update those and only those packages that have newer versions in the repositories listed in /etc/apt/sources.list. No other packages are removed from the system when this is done. This method is useful when working with stable application packages that are known not to change significantly between versions.
Sometimes, however, a change in package names or dependencies occurs. These situations are not handled by the apt-get upgrade command. As a result, unhandled dependencies appear and the system integrity is compromised. For instance, renaming the package MySQL-shared, containing dynamically loaded libraries for working with MySQL DBMS, to libMySQL, while reflecting the general trend in naming libraries in the distribution, will not cause the installation of the upgraded version of libMySQL to require removal of the old MySQL-shared version. To resolve this problem, the distribution-wide upgrade mode can be used: apt-get dist-upgrade.
When the entire distribution is upgraded, APT performs a comparison of the system with the repository, removes obsolete packages, installs new versions of packages present in the system and checks instances of renamed packages or changed dependencies among older and newer versions of programs. All packages that need to be installed or removed in addition to those which are already present in the system, will be specified in the output of the apt-get command, which APT sends to the screen before the actual upgrade.
When working with Sisyphus, it is recommended to use the apt-get dist-upgrade command to upgrade the system.
APT allows to interact with the repository using various access protocols. The most popular are HTTP and FTP, they are the ones used when working with Sisyphus. But some additional methods also exist.
Settings for repositories are kept in /etc/apt/sources.list in the following format:
rpm [subscript] method:path database_name rpm-src [subscript] method:path database_name
rpm or rpm-src — repository type (binary programs or source code);
signature — an optional string pointing to developers' signature. Signatures are described in the /etc/apt/vendor.list file;
method — repository access method: ftp, http, file, rsh, ssh, cdrom;
path — path to repository in terms of the chosen access method;
database — relative path to the repository database;
name — repository name;
For instance, when ALT Linux is installed, the following settings are written to /etc/apt/sources.list:
# Sisyphus rpm [alt] ftp://ftp.altlinux.com/pub/distributions/ALTLinux/Sisyphus i586 classic rpm-src [alt] ftp://ftp.altlinux.com/pub/distributions/ALTLinux/Sisyphus i586 classic
The real structure of the repository located at the address ftp://ftp.altlinux.com/pub/distributions/ALTLinux/Sisyphus looks the following way:
ftp://ftp.altlinux.com/pub/distributions/ALTLinux/Sisyphus |--SRPMS.base |--SRPMS.castle |--SRPMS.classic |--SRPMS.contrib |--SRPMS.junior |--SRPMS.kernel |--SRPMS.master `--i586 |--RPMS.base |--RPMS.castle |--RPMS.classic |--RPMS.contrib |--RPMS.junior |--RPMS.kernel |--RPMS.master `--base
APT allows working with several repositories described in its configuration files simultaneously. Such descriptions could formerly be stored only in /etc/apt/sources.list file. In new versions of APT used in ALT Linux, an option of supporting multiple repository descriptions in separate files in the /etc/apt/sources.list.d directory has become available. All files in this directory, the names of which are made up only of Latin letters, digits, “-” and “_” symbols, are interpreted by APT as configuration files, analogous to /etc/apt/sources.list. This extension makes it possible to form descriptions of local repositories without the risk of configuration files being re-written during an upgrade.
The model described above in relation to /etc/apt/sources.list.d is used also to describe developers' signatures in the /etc/apt/vendors.list.d directory.
When separate configuration files are used in /etc/apt/sources.list.d, managing the behavior of apt-get update command becomes possible. By default, this command updates the information about all repositories accessible to APT. But if some repository is described in the /etc/apt/sources.list.d/mysource.list configuration file, only the data related to this repository may be updated by specifying the name of the configuration file (mysource.list) as an argument to the apt-get update command:
# apt-get update mysource.list
A fuller description of the commands of the apt-get program may be obtained from the manual system of the distribution by entering the commands man apt-get and man apt.conf at the command prompt. .