Difference between revisions of "Debian Commands"

From YobiWiki
Jump to navigation Jump to search
 
(16 intermediate revisions by 2 users not shown)
Line 3: Line 3:
 
==Packages management==
 
==Packages management==
 
=== Working on the available packages DB===
 
=== Working on the available packages DB===
* apt-get update
+
====apt-get update====
** Updates internal DBs of available packages (based on /etc/apt/source.list)
+
Updates internal DBs of available packages (based on /etc/apt/source.list)
* apt-cache search ''keywords''
+
====apt-cache search ''keywords''====
** Look for packages containing keywords in their description
+
Look for packages containing keywords in their description
** Works offline
+
<br>Works offline
  +
====Using aptitude====
* DebTags
 
  +
Has [http://algebraicthunk.net/~dburrows/projects/aptitude/doc/en/ch02s03s05.html a lot of searching options]
** New powerful way to find packages
 
  +
** Works offline
 
  +
====[[DebTags]]====
* apt-cache show ''package''
 
  +
New powerful way to find packages
** Show detailed description of a package
 
** Works offline
+
<br>Works offline
  +
* apt-cache showpkg ''package''
 
  +
====apt-cache show ''package''====
** Shows which version of the package is contained in which feed
 
  +
Show detailed description of a package
** Works offline
 
  +
<br>Works offline
* Package cron-apt
 
  +
====apt-cache showpkg ''package''====
** Works as a cron operation in background
 
  +
Shows which version of the package is contained in which feed
** By default, will populate /var/cache/apt with the last versions of the packages and will send a mail.
 
  +
<br>Works offline
** Works online (but, as it's a cron task, deals with offline situations)
 
  +
====Package cron-apt====
** Now you can apt-get upgrade when you want, even offline :-)
 
  +
Works as a cron operation in background
* ''Useful files''
 
  +
<br>By default, will populate /var/cache/apt with the last versions of the packages and will send a mail.
** /etc/apt/sources.list : list of the feeds
 
  +
<br>Works online (but, as it's a cron task, deals with offline situations)
** /etc/apt/apt.conf : configuration of apt, cf "man apt.conf"
 
  +
<br>Now you can apt-get upgrade when you want, even offline :-)
** [http://www.argon.org/~roderick/apt-pinning.html Apt pinning]
 
  +
====''Useful files''====
* Package netselect-apt
 
  +
* /etc/apt/sources.list : list of the feeds
** Choose the fastest Debian mirror with netselect
 
  +
* /etc/apt/apt.conf : configuration of apt, cf "man apt.conf"
** Useful to get a good sources.list (but only for the official feeds)
 
  +
* [http://www.argon.org/~roderick/apt-pinning.html Apt pinning]
  +
====Package netselect-apt====
  +
Choose the fastest Debian mirror with netselect
  +
<br>Useful to get a good sources.list (but only for the official feeds)
   
 
===Installing/removing packages===
 
===Installing/removing packages===
* '''apt-get upgrade
+
====apt-get upgrade====
** Upgrades all possible already installed packages with a newer version if possible (i.e. this does not impact other dependancies)
+
Upgrades all possible already installed packages with a newer version if possible (i.e. this does not impact other dependancies)
** Usually follows apt-get update
+
<br>Usually follows apt-get update
* '''apt-get dist-upgrade'''
+
===='''apt-get dist-upgrade'''====
** Upgrades all possible already installed packages with a newer version and manages the dependancies (i.e. install/remove some dependances, especially libraries)
+
Upgrades all possible already installed packages with a newer version and manages the dependancies (i.e. install/remove some dependances, especially libraries)
** Usually to migrate from the current stable becoming the old-stable to the new stable (e.g. from Woody to Sarge) but useful also to maintain the testing or unstable distributions as new library dependancies happen quite often
+
<br>Usually to migrate from the current stable becoming the old-stable to the new stable (e.g. from Woody to Sarge) but useful also to maintain the testing or unstable distributions as new library dependancies happen quite often
* '''apt-get install ''package'''''
+
===='''apt-get install ''package'''''====
** Installs a package
+
Installs a package
* '''dpkg -i ''package-filename'''''
+
===='''dpkg -i ''package-filename'''''====
** Installs a locally downloaded/generated package file (*.deb)
+
Installs a locally downloaded/generated package file (*.deb)
* '''apt-get remove ''package'''''
+
===='''apt-get remove ''package'''''====
** Removes a package from the system
+
Removes a package from the system
  +
<br> with --purge this removes also configuration files
* '''apt-get clean'''
 
  +
<br>If you removed a package but want to purge it after, you have to use dpkg --purge <removed_package>
** Removes all cached package files (/var/cache/apt/archives/*.deb)
 
  +
<br>And to do it on all removed packages at once:
  +
dpkg --purge $(dpkg -l|grep ^rc|cut -d ' ' -f3)
  +
  +
===='''apt-get clean'''====
  +
Removes all cached package files (/var/cache/apt/archives/*.deb)
   
 
===Using signature verifications on packages===
 
===Using signature verifications on packages===
Line 62: Line 71:
 
gpg --keyserver pgp.mit.edu --recv-keys 1F41B907; gpg --armor --export 1F41B907 | apt-key add -
 
gpg --keyserver pgp.mit.edu --recv-keys 1F41B907; gpg --armor --export 1F41B907 | apt-key add -
 
apt-key list
 
apt-key list
  +
: new Etch key?
  +
gpg --no-default-keyring --keyring /etc/apt/trusted.gpg --keyserver hkp://wwwkeys.eu.pgp.net --recv-keys A70DAF536070D3A1
   
 
===Other sources of packages===
 
===Other sources of packages===
Line 154: Line 165:
 
to revert:
 
to revert:
 
echo "''package'' install" | dpkg --set-selections
 
echo "''package'' install" | dpkg --set-selections
  +
====List of manually installed packages====
  +
From https://askubuntu.com/questions/2389/generating-list-of-manually-installed-packages-and-querying-individual-packages
  +
  +
  +
comm -23 <(apt-mark showmanual | sort -u) <(gzip -dc /var/log/installer/initial-status.gz | sed -n 's/^Package: //p' | sort -u)
   
 
==Errors recovery==
 
==Errors recovery==
Line 168: Line 184:
 
apt-get install reportbug
 
apt-get install reportbug
 
reportbug [--email=''my@email''] ''package''
 
reportbug [--email=''my@email''] ''package''
  +
  +
==System management==
  +
So what about the rest? What is NOT dealt by the Debian package management?
  +
* First try to find a .deb for what you want to install or a .rpm that you can convert with alien or even to make your own package, cf above ''Other sources of packages''
  +
* Otherwise try to add your stuff under /usr/local
  +
** Package ''stow'' can help you if you have to install external software
  +
And to ensure your system is not too messed up with personal scripts you forgot about, there is the young but excellent ''cruft'' package.
  +
<br>Run it e.g. like this as you know already about the mess under /home and /usr/local:
  +
cruft --ignore /usr/local --ignore /home
  +
If there weren't too many stuff to report you'll get a list of disruptancies between what files should exist in your system as expected by the debian packaging system and what was actually found.
  +
<br>If the report is too big to be displayed, you can have a look in /var/spool/cruft
  +
<br>miss_* gives a list of files that should be there but are missing
  +
<br>unex_* gives a list of unexpected files
  +
<br>You can also create a filter about files which ''may'' be present but you don't want to be reported, e.g.
  +
echo '/usr/local/**' >/etc/cruft/filters/usr_local
  +
But in this case cruft will still traverse the filtered dirs so it's slower.
  +
<br>And finally you can create scripts that explain extra files which ''must'' be present, e.g. (not that good example in terms of performances...)
  +
cat >/etc/cruft/explain/usr_local
  +
#!/bin/sh
  +
find /usr/local
  +
^D
  +
chmod 755 /etc/cruft/explain/usr_local
  +
Now I'd like to find something similar but which check the integrity of each file for which there is a checksum in the dpkg system.
  +
<br>Tiger is one of such tools.
  +
<br>To control one or a few packages, one can do (here checking beid-related packaged)
  +
$ cat /var/lib/dpkg/info/*beid*.md5sums| sed 's/ / \//' > tmpmd5
  +
$ LANG=C md5sum -c tmpmd5 2>/dev/null|grep -v OK$
  +
  +
==Cleaning up==
  +
If you don't explicitely purge packages when you remove them, their configuration files and Debian-related scripts will still be present, you can clean them up with:
  +
<source lang=bash>
  +
dpkg --purge $(dpkg --get-selections|grep deinstall|awk '{print $1}')
  +
</source>
  +
After a while it could be that you installed software which was removed from the feeds for good or bad reasons but that means for sure that if you don't do anything (remove or find a feed to upgrade) you'll end-up with outdated therefore potentially unsafe software.<br>To identify those unmanaged packages:
  +
<source lang=bash>
  +
for i in $(dpkg --get-selections|grep install|grep -v deinstall|awk '{print $1}'); do
  +
apt-cache policy $i|egrep -q "(990|500)" || echo $i |tee -a deblocal/.txt;
  +
done
  +
</source>
  +
Of course there can be several reasons why you've such packages so don't delete them blindly! Here are some examples:
  +
* Migration from Knoppix to Debian, can be removed
  +
* Old kernels, do you still use them?
  +
* Self-compiled drivers, see if you're still using the corresponding kernel or not
  +
* Self-packaged stuffs (dictionaries etc)
  +
* RPM packages converted with alien, make sure you keep them up-to-date!!
  +
* Third-party .deb (truecrypt, vmware, googleearth, skype, etc), make sure you keep them up-to-date!!

Latest revision as of 18:36, 15 September 2018

Useful commands on a Debian box:

Packages management

Working on the available packages DB

apt-get update

Updates internal DBs of available packages (based on /etc/apt/source.list)

apt-cache search keywords

Look for packages containing keywords in their description
Works offline

Using aptitude

Has a lot of searching options

DebTags

New powerful way to find packages
Works offline

apt-cache show package

Show detailed description of a package
Works offline

apt-cache showpkg package

Shows which version of the package is contained in which feed
Works offline

Package cron-apt

Works as a cron operation in background
By default, will populate /var/cache/apt with the last versions of the packages and will send a mail.
Works online (but, as it's a cron task, deals with offline situations)
Now you can apt-get upgrade when you want, even offline :-)

Useful files

  • /etc/apt/sources.list : list of the feeds
  • /etc/apt/apt.conf : configuration of apt, cf "man apt.conf"
  • Apt pinning

Package netselect-apt

Choose the fastest Debian mirror with netselect
Useful to get a good sources.list (but only for the official feeds)

Installing/removing packages

apt-get upgrade

Upgrades all possible already installed packages with a newer version if possible (i.e. this does not impact other dependancies)
Usually follows apt-get update

apt-get dist-upgrade

Upgrades all possible already installed packages with a newer version and manages the dependancies (i.e. install/remove some dependances, especially libraries)
Usually to migrate from the current stable becoming the old-stable to the new stable (e.g. from Woody to Sarge) but useful also to maintain the testing or unstable distributions as new library dependancies happen quite often

apt-get install package

Installs a package

dpkg -i package-filename

Installs a locally downloaded/generated package file (*.deb)

apt-get remove package

Removes a package from the system
with --purge this removes also configuration files
If you removed a package but want to purge it after, you have to use dpkg --purge <removed_package>
And to do it on all removed packages at once:

dpkg --purge $(dpkg -l|grep ^rc|cut -d ' ' -f3)

apt-get clean

Removes all cached package files (/var/cache/apt/archives/*.deb)

Using signature verifications on packages

To get the Debian keyring if needed:

apt-get install debian-keyring

To re-install the Debian maintainer keys for apt-get:

wget http://ftp-master.debian.org/ziyi_key_2005.asc
gpg --no-default-keyring --keyring /etc/apt/trusted.gpg --import ziyi_key_2005.asc

If you get the following error when apt-get update:

W: GPG error: http://myprox sarge Release:
The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 07DC563D1F41B907

That's because of the Marillat feeds, you need to import his key

gpg --no-default-keyring --keyring /etc/apt/trusted.gpg --keyserver keyring.debian.org --recv-keys 07DC563D1F41B907

or, if you got it in a file:

gpg --no-default-keyring --keyring /etc/apt/trusted.gpg --import marillat.asc

or:

gpg --keyserver pgp.mit.edu --recv-keys 1F41B907; gpg --armor --export 1F41B907 | apt-key add -
apt-key list
new Etch key?
gpg --no-default-keyring --keyring /etc/apt/trusted.gpg --keyserver  hkp://wwwkeys.eu.pgp.net --recv-keys A70DAF536070D3A1

Other sources of packages

If you don't find your package on the regular Debian feeds, try

  • Unofficial APT repositories
  • alien package.rpm
    This transforms a package.rpm (for RedHat, Mandrake,...) into a package.deb that you can install with dpkg -i
  • To create a .deb, see man dpkg-source
  • See also srcinst, not yet tried...

If you want to recompile a package

apt-get build-dep package
apt-get source package
cd package-dir
dpkg-buildpackage -rfakeroot -uc -b

Inside a debian package

ar x package.deb

This gives 3 files: control.tar.gz data.tar.gz debian-binary

Fixing package dependancies

When installing a non-official package, it may happen that the dependancies are wrong.

dpkg-deb -x skype_1.2.0.18-1_i386.deb skype_1.2.0.18-1_i386
mkdir skype_1.2.0.18-1_i386/DEBIAN
dpkg-deb -e skype_1.2.0.18-1_i386.deb skype_1.2.0.18-1_i386/DEBIAN

Edit the file skype_1.2.0.18-1_i386/DEBIAN/control and change the dependancies:
Change libqt3c102-mt (>= 3:3.3.3.2) into libqt3-mt (>= 3:3.3.5)

dpkg-deb -b skype_1.2.0.18-1_i386
sudo dpkg -i skype_1.2.0.18-1_i386.deb

Re-packaging Perl CPAN modules not yet available in Debian

apt-get install dh-make-perl

Example: dh-make-perl --build --cpan HTML::Template::JIT
First time it will auto-configure the CPAN database so it's quite slow

Installing not packaged softwares

apt-get install installwatch

Installwatch can be used to track the changes made during the installation of local (i.e. non-deb) software.

Working on already installed packages

dpkg -L package

Shows all the installed files on the system of an installed package
Useful to see which commands the package contains, if it contains documentation etc

dpkg -S partial filename

Searches in the installed list of packages which one(s) contains the searched filename
Useful when you find a file/program on your system but don't know from where it came

dlocate partial filename

Much faster than dpkg -S, uses a DB as locate, requires package dlocate to be installed

dpkg --get-selections

Displays the list of installed (and removed) packages

dpkg -l ' regexp '

Displays the matching packages

dpkg-reconfigure package

Restart the configuration step which usually follows a package installation
The graphical interface (text, ncurses, KDE, etc) for the configuration of a package is handled by debconf so this can be changed by...

dpkg-reconfigure debconf (install libqt-perl to get the KDE gui working)

update-alternatives or galternatives (X11)

Allows to manipulate the /etc/alternatives directory and to choose which application to run while the system contains multiple possibilities
Example:

$ update-alternatives --display x-session-manager
x-session-manager - status is auto.
link currently points to /usr/bin/startkde
/usr/bin/icewm-session - priority 10
/usr/bin/startkde - priority 40
Current 'best' version is /usr/bin/startkde.

To choose manually:

$ update-alternatives --config x-session-manager

dpkg-repack package

apt-get install dpkg-repack

Recreates a .deb from an already installed package (and integrates possible changes e.g. in /etc), usefull if the original .deb is not available anymore.

deborphan

Gives a list of libraries apparently not needed anymore by any installed programs (beware if you installed locally some non-debian sources)

apt-get install deborphan
deborphan
deborphan|xargs apt-get remove -y

debian-goodies

apt-get install debian-goodies
dgrep        - Search all files in specified packages for a regex
dglob        - Generate a list of package names which match a pattern
debget       - Fetch a .deb for a package in APT's database
dpigs        - Show which installed packages occupy the most space
debman       - Easily view man pages from a binary .deb without extracting
checkrestart - Help to find and restart processes which are using old versions of upgraded files (such as libraries)
popbugs      - Display a customized release-critical bug list based on packages you use (using popularity-contest data)

Changing SUID bit on an executable

e.g. artswrapper:

dpkg-statoverride --add --update root root 4755 /usr/bin/artswrapper

To revert the change:

dpkg-statoverride --remove /usr/bin/artswrapper; chmod 0755 /usr/bin/artswrapper

Flagging a package as hold

echo "package hold" | dpkg --set-selections

to revert:

echo "package install" | dpkg --set-selections

List of manually installed packages

From https://askubuntu.com/questions/2389/generating-list-of-manually-installed-packages-and-querying-individual-packages


comm -23 <(apt-mark showmanual | sort -u) <(gzip -dc /var/log/installer/initial-status.gz | sed -n 's/^Package: //p' | sort -u)

Errors recovery

In case of sth like:

E: Unable to parse package file /var/lib/dpkg/status (1)
E: The package lists or status file could not be parsed or opened.

Sounds like /var/lib/dpkg/status has become corrupted in some way.
Luckily dpkg (or apt?) does keep backups of that file (/var/backups/dpkg.status.*) and you may be able to recover by reverting to that backup. *BUT* that is likely to put /var/lib/dpkg/status "out-of-sync" with what *actually* is installed on the machine.
What packages did you last install/deinstall ? A diff between /var/lib/dpkg/status and /var/backups/dpkg.status.* may refresh your memory. Chances are that you have to re-install (/re-de-install) them to get things back in sync.

Bug reports

apt-get install reportbug
reportbug [--email=my@email] package

System management

So what about the rest? What is NOT dealt by the Debian package management?

  • First try to find a .deb for what you want to install or a .rpm that you can convert with alien or even to make your own package, cf above Other sources of packages
  • Otherwise try to add your stuff under /usr/local
    • Package stow can help you if you have to install external software

And to ensure your system is not too messed up with personal scripts you forgot about, there is the young but excellent cruft package.
Run it e.g. like this as you know already about the mess under /home and /usr/local:

cruft --ignore /usr/local --ignore /home

If there weren't too many stuff to report you'll get a list of disruptancies between what files should exist in your system as expected by the debian packaging system and what was actually found.
If the report is too big to be displayed, you can have a look in /var/spool/cruft
miss_* gives a list of files that should be there but are missing
unex_* gives a list of unexpected files
You can also create a filter about files which may be present but you don't want to be reported, e.g.

echo '/usr/local/**' >/etc/cruft/filters/usr_local

But in this case cruft will still traverse the filtered dirs so it's slower.
And finally you can create scripts that explain extra files which must be present, e.g. (not that good example in terms of performances...)

cat >/etc/cruft/explain/usr_local                                                                                                             
#!/bin/sh                                                                                                                                                 
find /usr/local                                                                                                                                           
^D                                                                                                                                                        
chmod 755 /etc/cruft/explain/usr_local

Now I'd like to find something similar but which check the integrity of each file for which there is a checksum in the dpkg system.
Tiger is one of such tools.
To control one or a few packages, one can do (here checking beid-related packaged)

$ cat /var/lib/dpkg/info/*beid*.md5sums| sed 's/  /  \//' > tmpmd5
$ LANG=C md5sum -c tmpmd5 2>/dev/null|grep -v OK$

Cleaning up

If you don't explicitely purge packages when you remove them, their configuration files and Debian-related scripts will still be present, you can clean them up with:

dpkg --purge $(dpkg --get-selections|grep deinstall|awk '{print $1}')

After a while it could be that you installed software which was removed from the feeds for good or bad reasons but that means for sure that if you don't do anything (remove or find a feed to upgrade) you'll end-up with outdated therefore potentially unsafe software.
To identify those unmanaged packages:

for i in $(dpkg --get-selections|grep install|grep -v deinstall|awk '{print $1}'); do  
    apt-cache policy $i|egrep -q "(990|500)" || echo $i |tee -a deblocal/.txt;
done

Of course there can be several reasons why you've such packages so don't delete them blindly! Here are some examples:

  • Migration from Knoppix to Debian, can be removed
  • Old kernels, do you still use them?
  • Self-compiled drivers, see if you're still using the corresponding kernel or not
  • Self-packaged stuffs (dictionaries etc)
  • RPM packages converted with alien, make sure you keep them up-to-date!!
  • Third-party .deb (truecrypt, vmware, googleearth, skype, etc), make sure you keep them up-to-date!!