Managing Software
By default, your Linux distribution will come with lots of software packages. Even if lots of packages are available by default, you will encounter soon enough a situation where you need to install new packages. In this chapter, you’ll learn how to do this. First, I’ll tell you about the different ways that software management is handled on Linux. Next, you’ll read about how to work with RPM-based packages. Then you’ll learn how to install packages that are delivered in the .deb format. You’ll also learn about software and package management tools such as yum, apt-get, and zypper; tracking and finding software packages; and managing updates and patches.
Note Occasionally, software packages are delivered as tar archives. Refer to Chapter 3 for additional information about tar.
Understanding Software Management
Linux software packages are very modular. This means that everything you need is rarely in one software package. Instead, to be able to work with a program a collection of software packages needs to be installed. Because the software packages are small in general, most software packages have dependencies. These dependencies are packages that also need to be installed for your software package to function well.
Managing these software package dependencies is amongst the greatest challenges when working with software packages in Linux. If you choose a solution that doesn’t know how to handle dependencies, you may see error messages indicating that in order to install package A, you also need to install packages B, C, and D. This is also referred to as dependency hell, and in the past it has been a very good reason for people not to use Linux.
Nowadays, all Linux distributions have some solution to manage these dependencies.
These solutions are based on software repositories. A repository is an installation source that contains a list of all installable packages. This means that your distribution’s software management solution knows which software packages are available and installs dependencies automatically. While installing, your installation medium will be a repository; to add new software, you will find yourself adding new repositories regularly. After installation you’ll typically make use of the on line repositories that are provided by your Linux distribution.
Managing RPM Packages
RPM stands for Red Hat Package Manager. It is the package management standard that was invented by Red Hat, and nowadays it is used by important distributions like Red Hat and its derivatives and SUSE. RPM is based on packages that have the extension .rpm. The names of these packages typically include name, version, and architecture of the software you are about to install. In this section, As an example, let’s take the package nmap-6.40-4.el7.x86_64.rpm. In this package you can read the name and subversion of the package (nmao-6.40-4). Next, the package name states the distribution, which in this case is “Enterprise Linux”, which stands for CentOS. Following that, the platform is identified as x86_64. You’ll see this platform in most cases, older platform types such as i386 are becoming quite scarce nowadays. If an RPM package hasn’t been written with a specific platform in mind, you’ll see “noarch” as the platform identifier. Make sure that you select the package that is written for your architecture. You will see packages that are written for noarch as well. These are installable on all hardware platforms.
Working with RPM
The most basic way to handle RPM packages is by using the rpm command. Although this command provides an easy method for package management, it doesn’t care about dependencies - which is why you shouldn’t use it to install software packages anymore. This means that you may need to install all dependencies themselves. However, if you just want to install a simple package, this command can help you. First, you may use it to install packages. To do this, use the -i option as in the following example command:
rpm -i iftop-0.16-1.i386.rpm
If all goes well, this command just installs the package without showing any output. If some condition exists that prevents your package from installing smoothly, however, this command will complain and stop installing immediately, which you can see in the following example:
nuuk:~ # rpm -i iftop-0.16-1.i386.rpm
package iftop-0.16-1 is already installed
A common reason why package installation may fail is that a package with the same name is already installed, which was the case in the second attempt to install the package iftop. It’s easy to avoid that problem: instead of using rpm -i, better use rpm -Uvh.
If a package with the name of the package you are trying to install is already installed, it will be upgraded by using the option -U. If it’s not installed yet, the rpm command will install it. Therefore, I’d recommend always using this command and not rpm -i. The other options are used to show more output to the user. The -v option adds verbosity, meaning it will show what the rpm command is actually doing. Finally, the -h option shows hashes, meaning you’ll be able to see progress while installing the software. Listing 8-1 shows two examples where rpm -Uvh is used.
Apart from installing packages, you can also use rpm to remove packages. To do this, issue rpm with the option -e, as demonstrated in the following command:
rpm -e iftop-0.16-1-i386.rpm
Although the rpm command offers an easy solution for installing individual packages, you may not want to use it as your preferred package management solution. There are two package management interfaces that make package management really easier, yum and zypper, and you can read more about them in the next two sections.
Even if the rpm command isn’t used much anymore for package installation, it is still being used frequently to perform queries in installed packages and packages that are about to be installed. To start with, there is the rpm -qa command. This command gives a list of all packages that are installed, and the results of the command can conveniently be searched with the grep utility. Also, rpm queries allow you to figure out what is inside a package. The following queries are particularly helpful:
In exercise 8-1 you’ll learn how to work with RPM queries.
EXERCISE 8-1: WORKING WITH RPM QUERIES
Note that this exercise will work only on RPM based distributions such as Red Hat and its derivatives and SUSE.
The yum system makes working with RPM packages easy. This package management interface works with repositories that contain lists of installable software. As an administrator, your first task is to make sure that you have all the software repositories you need in your configuration. Based on this repository list, the yum command is used to perform all kinds of software package management tasks.
Managing yum all starts with managing software repositories. For this purpose, your distribution provides the /etc/yum.conf configuration file; most distributions also include the directory /etc/yum.repos.d, which can contain configuration files for individual software repositories. In Listing 8-2, you can see what the default repository configuration for Fedora software packages looks like.
As you can see, each of the package sources contains a few common items:
Note GPG offers PGP (Pretty Good Privacy)–based integrity checking of software packages. GPG is just the GNU version of PGP, which is available for free usage.
Note that on most Linux distributions, only online package repositories are used. This ensures that you’ll always get the latest version of the package you need to install, and it also makes sure that you can update your software smoothly. If you have already installed software from the online repositories, it is a bad idea to install packages from the installation media later, as you may end up with the wrong version of the package and some installation problems. If you are sure that you will never do online package management on a particular system, however, it is a good idea to configure yum to work with the local installation media only. The following procedure describes how you can do this for a Fedora system:
gpgcheck=1
[fedora-dvd]
name=Fedora installation DVD
baseurl=file:///cdrom
At this point, you have configured your system to look on the installation DVD only. Don’t forget to switch the online resources back on again if you ever intend to connect this system to the Internet to install software packages. You can do so by changing the value for the enable parameter that you used in step 3 of the procedure back to 1.
It will on occasion also happen that you need to create your own repository. This is useful if you’re using custom RPMs that are not in the default repositories and you want to install them using the yum command. To do this, you’ll need to copy the RPMs to a local directory and create the repository metadata for this directory. Once this is done, you can use the repository to install software.
EXERCISE 8-2: CREATING A LOCAL REPOSITORY
Using repositories for software installation is convenient, because while doing so the installer will always try to install software dependencies as well. In this exercise you’ll configure your own repository. Notice that this exercise works on Red Hat only.
[localrepo]
name=local
baseurl=file:///repo
gpgcheck=0
Managing Software Packages with yum
Based on the software repositories you have installed, you can use the yum command. This command is written to be intuitive. You want to install a package? Use yum install. Need to update? yum update will help. Following are some examples of the most important arguments that you can use with yum:
In exercise 8-3 you’ll learn how to work with yum repositories.
EXERCISE 8-3: WORKING WITH YUM REPOSITORIES
Notice that this exercise can be done on Red Hat and its derivatives only.
On SUSE Linux, an alternative to the RPM package manager is used, the zypper package manager. The intention of this package manager was to provide the same functionality that yum does, but in a faster way. The zypper package also works with package repositories and command-line utilities.
Managing zypper Software Repositories
In zypper, a repository is called an installation source. Installation sources are kept in the zypper database, which is in /var/lib/zypp. To manage zypper installation sources, you have to use the zypper command. The most important options that are related to package management are listed here:
As you can see, the zypper service-add command uses URL format. In Listing 8-6, the URL that was used refers to something on the local file system. However, you can also use zypper to refer to something that is on the Internet. For instance, zypper service-add http://www.example.com/packages would add an installation source that is on a web server. zypper uses the same URL syntax that you use when working with a browser and is therefore intuitive to work with.
Managing RPM Packages with zypper
Once the service lists are all configured, you can use zypper at the command line to manage software packages. In its use, zypper looks a lot like the yum utility; basically, you can just replace the yum command by the zypper command in most cases. However, there are also some useful additions to the zypper command that do not have yum equivalents. Following is an overview of the most important zypper command-line options:
In some cases, the zypper command will give you a lot of information. To filter out only the parts you need, use the grep utility.
RPM is not the only way to package software for Linux. Another very popular package format is the .deb format. This format was originally developed on Debian Linux but is now also the default package format for other distributions, of which Ubuntu is the most important. In this section, you’ll learn how to manage packages in this format. I’ve based this section on Ubuntu; you may therefore find some differences with the way other distributions handle .deb packages.
Managing .deb Software Repositories
On an Ubuntu system, a list of all these installation sources is kept in the file /etc/apt/sources.list. Although the most important software repositories are added to this file automatically, you may occasionally want to add other software repositories to this list. To understand how this works, it is useful to distinguish between the different package categories that Ubuntu uses. This will tell you more about the current status of a package, for example, if the package is considered safe or if it has licensing that doesn’t comply to common open source standards.
In all repositories, you’ll always find the following five package categories:
When installing software with the apt-get utility, it will look for installation sources in the configuration file /etc/apt/sources.list. Listing 8-8 shows a part of its contents.
you can see, the same format is used in all lines of the sources.list file. The first field in these lines specifies the package format to be used. Two different package formats are used by default: .deb for binary packages (basically precompiled program files) and .deb-src for packages in source file format. Next, the URI is mentioned. This typically is an HTTP or FTP URL, but it can be something else as well. For instance, it can refer to installation files that you have on an installation CD or in a directory on your computer. After that you’ll see the name of the distribution (trusty), and you’ll always see the current distribution version there. Last, every line refers to the available package categories. As you can see, most package categories are in the list by default.
Now that you understand how the sources.list file is organized, it follows almost automatically what should happen if you want to add some additional installation sources to this list: make sure that all required components are specified in a line, and add any line you like referring to an additional installation source. Once an additional installation source has been added, it will be automatically checked when working on software packages. For example, if you should use the apt-get update command to update the current state of your system, the package manager will check your new installation sources as well.
Tip! In some cases you may want to add your own repository. This is useful if you have a couple of .deb files and want to make them accessible for installation to user computers. Doing so is a simple 3-step procedure. Start by creating the directory and putting the .deb files in that directory. Next, you’ll run the dpkg-scanpackages command to create the repository metadata. As the last step, add the newly created repository to the sources.list files on all computers that need to use it.
A second important management component used by package managers on your computer is the package database. The most fundamental package database is the dpkg database, which is managed by the Debian utility dpkg. On Ubuntu as well as Debian, however, the Advanced Packaging Tools (apt) set is used for package management. These Ubuntu tools add functionality to package management that the traditional dpkg approach typically cannot offer. Because of this added functionality, the apt tools use their own database, which is stored in /var/lib/apt. By communicating with this database, the package manager can query the system for installed software, and this enables your server to automatically solve package- dependency problems.
Tip! To summarize it briefly: if you want to install software or manage installed software packages, use apt which talks to the apt database. If you want to query installed packages, use dpkg.
Every time a package is installed, a list of all installed files is added to the package database. By using this database, the package manager can even see whether certain configuration files have been changed, which is very important if you want to update packages at your server!
Ubuntu Package Management Utilities
You can use any of several command-line package management utilities on Ubuntu. The most important of these interact directly with the package database in /var/lib/apt. You would typically use the apt-get command for installation, updates, and removal of packages, and so you’ll find yourself working with that utility most of the time. You should also know of the aptitude utility, which works in two ways. You can use aptitude as a command-line utility to query your server for installed packages, but aptitude also has a menu-driven interface that offers an intuitive way to manage packages (see Figure 8-1).
Figure 8-1. The aptitude menu drive interface makes package management easier
Another approach to managing packages is the Debian way. Because Ubuntu package management is based on Debian package management, you can use Debian package management tools like dpkg as well. However, these do not really add anything to what Ubuntu package management already offers, and so I will not cover the Debian tools in this book.
Understanding apt
Before you start working on packages in Ubuntu, it is a good idea to decide what tool you want to use. It’s a good idea because many tools are available for Ubuntu, and each of them uses its own database to keep track of everything installed. To prevent inconsistencies in software packages, it’s best to choose your favorite utility and stick to that. In this book, I’ll focus on the apt-get utility, which keeps its database in the /var/lib/apt directory. This is my favorite utility because you can run apt-get as a very easy and convenient tool from the command line to perform tasks very quickly. The apt-get utility works with commands that are used as its argument, such as apt-get install something. In this example, install is the command you use to tell apt-get what you really want to do. Likewise, you can use some other apt-get commands. The following four commands are the most important building blocks when working with apt-get:
Notice that you can use many package management operations using the apt-get command. You can not use it to search for specific packages though. To do this, you’ll use the apt-cache search command. In exercise 8-4 you’ll use this command.
EXERCISE 8-4: WORKING WITH APT-GET
In this exercise you’ll learn how to work with apt-get. Notice that this exercise will only work on Ubuntu and related Linux distributions.
Showing a List of Installed Packages
Before you start managing packages on Ubuntu Server, you probably want to know what packages are already installed, and you can do this by issuing the dpkg -l command. It’ll generate a long list of installed packages. Listing 8-9 shows a partial result of this command.
Note The apt-get utility is not the most appropriate way to list installed packages because it can see only those packages that are installed with apt. If you have installed a package with dpkg (which I would not recommend), you won’t see it with apt-get. So, to make sure that you don’t miss any packages, I recommend using dpkg -l to get a list of all installed packages.
The result of the dpkg command shows information about packages and their status. The first character of the package shows the desired status for a package, and this status indicates what should happen to the package. The following status indicators are used:
The second character reveals the actual state of the package. You’ll find the following options:
The third character indicates any known error state associated with the package. In most cases you’ll just see a space (so, basically, you don’t see anything at all) indicating that nothing is wrong. Other options are as follows:
You can also use the dpkg utility to find out what package owns a certain file. This is very useful information. Imagine that a file is broken and you need to refresh the package’s installation. To find out what package owns a file, use dpkg --search /your/file. The command will immediately return the name of the package that owns this file.
On Ubuntu, a few solutions are available for package management. One of these is aptitude. The major benefit of this solution is that it is somewhat more user friendly because it can work with keywords, which are words that occur somewhere in the description of the package. For example, to get a list of all packages that have samba (the name of the well-known Linux file server package that you can use to provide Windows file services on your Linux computer) in their description, you would use aptitude search samba. Listing 8-10 shows the result of this command.
Once you have found a package using the aptitude command, you can also use it to show information about the package. To do this, you’ll use the show argument. For example, aptitude show samba will show you exactly what the package samba is all about (see Listing 8-11). As you can see, in some cases very useful information is displayed, including a list of dependencies that shows all packages that need to be installed if you want to use this package.
This package provides the components necessary to use Samba as a stand-alone file and print server or as an NT4 or Active Directory domain controller. For use in an NT4 domain or Active Directory realm, you will also need the winbind package.
This package is not required for connecting to existing SMB/CIFS servers (see smbclient) or for mounting remote filesystems (see cifs-utils). Homepage: http://www.samba.org.
Adding and Removing Software with apt-get
The best tool for Ubuntu and Debian to perform package management from the command line is apt-get. It provides a very convenient way to install, update, or remove software packages on your machine. It requires root permissions, so you should always start the command with sudo.
Before you do anything with apt-get, you should always use the apt-get update command first. Because apt-get gets most software packages online, it should always know about the latest available versions of those packages. The apt-get update command makes sure of this, and it caches a list of the most recent version of packages that are available on your server. Once the update is performed, you can use apt-get to install and remove software. Installation is rather easy: to install the package blah, use apt-get install blah. The advantage of the apt-get command is that it really tries to understand what you are doing. This is shown in Listing 8-12, where the apt-get command is used to install the Samba server software.
In the example from Listing 8-12, everything went all right because a package with the name samba exists. In some cases, you’ll see that apt-get doesn’t understand what you want it to do. If that happens, it sometimes gives a hint on the package that you need to install instead. If that doesn’t happen either, try to search the appropriate package first, using the aptitude search command.
You can also use apt-get to remove software, upgrade your system, and much more. The following list provides an overview of the most important functions of the apt-get command. Be aware that you should always run the command with root permissions, so use sudo to start apt-get (or set a root password and work as root directly).
Summary
In this chapter, you have read how to manage software packages. You have learned that software packages can be installed as individual packages, but because of dependencies, this is not a very good idea. Therefore, all distributions currently work with a package management solution where the software repository is used to list installable packages and an intelligent command is used to manage packages as well as their dependencies. You have read how to manage packages from the RPM world with the yum and zypper commands, as well as packages from the Debian world with the apt commands. The following commands and utilities were discussed in this chapter:
In the next chapter, you’ll learn how to manage processes on your Linux computer.
18.222.161.187