Package Managers

Last modified: July 30, 2024

This article is written in: 🇺🇸

Package Managers

Debian and Ubuntu are popular Linux distributions for home users. These distributions and their derivatives use the Advanced Package Tool (APT). Other distributions use alternative package managers, like DNF, YUM, Pacman, which have unique functionalities and syntax.

Be cautious with package managers as they install software and dependencies and may affect your system's configuration.

User
  |
  | uses
  V
Package Manager (e.g., APT, DNF, YUM, Pacman)
  |
  | fetches metadata and package lists from
  V
Package Repository
  |
  | downloads
  V
Package files (.deb, .rpm, .tar.xz, etc.)
  |
  | unpacks/installs to
  V
System directories (/usr/bin, /usr/lib, etc.)

Installing and Updating Software Packages

APT

APT (Advanced Package Tool) is the command-line tool used in Debian-based Linux distributions for handling packages. It's preferred over its predecessors, apt-get and aptitude.

I. Updating Repository Information

Before installing or upgrading packages, update the list of available packages and their versions:

apt update

II. Upgrading Installed Packages

To upgrade all installed packages to their latest available versions:

apt upgrade

III. Installing New Packages

To install a new package from the repositories. For example, installing httpd:

apt install httpd

IV. Installing Local .deb Files

If you have a .deb package file downloaded locally, install it using:

apt install /path/to/package/name.deb

V. Verifying Installation

To check if a package is successfully installed and to view its details:

apt show httpd

YUM

YUM (Yellowdog Updater, Modified) is a package manager used in Red Hat-based Linux distributions. It differs from apt in that it doesn't require repository updates before installing or updating software.

I. Checking for Updates

To check available updates for installed packages:

yum check-update

II. Updating All Packages

To update all packages to their latest versions:

yum update

III. Updating Specific Packages

To update a particular package, such as httpd:

yum update httpd

IV. Searching for Packages

To search for a package by name. For example, searching for apache:

yum search apache

V. Installing Packages

To install a specific package, like httpd:

yum install httpd

VI. Displaying Package Information

To display detailed information about a package:

yum info httpd

VII. Listing Installed Packages

To display a list of all installed packages:

yum list installed

VIII. Removing Packages

To remove an installed package, such as httpd:

yum remove httpd

IX. Cleaning Cache

To clean the YUM cache, which includes removing downloaded packages and metadata:

yum clean all

Tarballs

Installing software from tarballs is an alternative to using package managers on Linux. This manual method is broken down into three primary steps:

I. Extract

First, navigate to the directory containing the tarball. Use the following command to extract its contents:

tar -zxvf path_to_tar.tar.gz
cd path_to_tar

II. Compile

The process might vary depending on the software, but generally, you would run:

make

If there is a configuration file (configure script) present, especially one listing dependencies, run it before executing make.

III. Install

Installation is often done through make install, which should place the executable in the correct directory:

make install

Alternatively, for some software, you may need to manually copy the compiled executable to a directory like /usr/local/bin.

🔴 Caution: Remember that software installed via tarballs does not benefit from automatic updates typically provided by package managers. This means manually tracking and updating software for security patches and new features.

RPM

RPM (Red Hat Package Manager) is a low-level package manager used in Red Hat-based Linux distributions. It allows direct management of software packages but requires a bit more manual intervention compared to higher-level tools like YUM.

I. Downloading RPM Packages

To download an RPM package from a website:

wget http://some_website/sample_file.rpm

II. Installing Packages with RPM

To install a downloaded RPM package:

rpm -ivh sample_file.rpm

i stands for install, v for verbose (showing detailed output), and h for hash (displaying progress as hash marks).

III. Listing All Installed Packages

To list all installed packages:

rpm -qa

IV. Listing a Specific Package

To check if a specific package, like nano, is installed:

rpm -qa nano

V. Displaying Package Documentation

To display documentation files of a specific package:

rpm -qd nano

VI. Removing Packages with RPM

To remove an installed package:

rpm -e nano

e stands for erase, which removes the package.

🔴 Note: While RPM provides a granular control over package management, it doesn't resolve dependencies automatically. It's important to ensure that dependencies are managed manually or through a higher-level tool like YUM or DNF.

Software Package Repositories

A software package repository in the context of Linux and other Unix-like operating systems is a centralized storage location containing various software packages. These repositories are essential components in the package management system, utilized by package managers to download and install software and updates.

Key Components of a Repository

The label might be something like base, updates, or extras, which uniquely identifies each repository in configuration files. For example, in a YUM repository configuration, the label [base] identifies the base repository.
The name could be descriptive, such as "CentOS Base Repository" or "Fedora Updates", giving a clear indication of the content or purpose. For instance, "CentOS Base" suggests this repository contains the core CentOS packages.
A mirrorlist example could look like http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os. This URL directs the system to a list of available mirrors that host the repository, ensuring a fast and reliable download experience.
The base URL might be specified as http://mirror.centos.org/centos/7/os/x86_64/, indicating the primary location where the RPM packages for CentOS 7 are stored. Users download packages directly from this URL if the mirrorlist is not used.
The GPG Check setting in a repository configuration might look like gpgcheck=1, where the value 1 indicates that GPG signature verification is enabled. This ensures that the packages are authentic and have not been tampered with.

Common Repository Labels

The Base repository, for instance, could include packages like glibc, bash, and kernel, which are essential components of the operating system. These packages are crucial for the system's basic operation and are well-tested.
The Updates repository may provide updated versions of core packages, such as httpd (Apache HTTP Server) or openssl, containing security fixes and performance improvements. For example, a critical security patch for openssl would appear in the Updates repository.
An Optional repository might include packages like nginx, mysql-community-server, or other open-source software that, while useful, is not officially supported by the distribution's core team. These packages provide additional capabilities but may have less thorough testing.
The Supplemental repository could offer proprietary software such as Oracle Java or commercial fonts. These are not open-source and are often provided with restrictions on usage, but they expand the range of software available on the system.
The Extras repository might contain newer or experimental software, such as a beta version of gcc or Python, which is not yet included in the Base repository. This repository allows users to access the latest features and test them before they become part of the standard offering.

Managing APT Repositories

APT repositories are defined in /etc/apt/sources.list and in the /etc/apt/sources.list.d/ directory.

The add-apt-repository command is used to add or remove APT repositories.
It modifies the /etc/apt/sources.list file or creates new files in /etc/apt/sources.list.d/.
Install this utility with the following commands:

apt update
apt install software-properties-common

Example: Installing Wine

To demonstrate managing APT repositories, here's how you can install Wine on a Debian-based system:

I. Get and Install the Repository Key

Download and install the GPG key for the Wine repository:

wget -nc https://dl.winehq.org/wine-builds/winehq.key
gpg -o /etc/apt/trusted.gpg.d/winehq.key.gpg --dearmor winehq.key

II. Add the Wine Repository

Add the Wine repository to your system's sources:

add-apt-repository 'deb https://dl.winehq.org/wine-builds/ubuntu/ focal main'

III. Update the Package Database

Update APT's package database to recognize the new repository:

apt update

IV. Install Wine

Install the stable version of Wine with:

sudo apt install --install-recommends winehq-stable

V. Verify the Installation

Confirm that Wine is correctly installed:

wine --version

🔴 Note: It's important to ensure that repositories and their keys are obtained from trusted sources to avoid security risks. Incorrect or malicious repositories can compromise the system's integrity and security.

Managing YUM Repositories

The configuration files for YUM repositories are located in the /etc/yum.repos.d directory.

I. Display Repositories

To display a list of all enabled and available repositories, use:

yum repolist all

II. Add a New Repository

To add a new repository by specifying its URL, use the yum-config-manager tool:

yum-config-manager --add-repo=[URL]

III. Enable a Repository

If a repository is disabled and you want to enable it, use the following command. Replace [repo_id] with the actual repository ID:

yum-config-manager --enable [repo_id]

IV. Disable a Repository

To disable a repository temporarily (for example, to prevent updates from that repository), use:

yum-config-manager --disable [repo_id]

Challenges

Configure a Linux system to use both official and third-party repositories while preventing package conflicts.
Safely upgrade a major software package (like Python or MySQL) ensuring all system dependencies are maintained.
Script a solution to automatically switch to a backup repository when the primary YUM or APT repository fails.
Create a script or use existing tools to automate security updates on a Linux system without breaking package dependencies.
Download and compile a piece of software from a tarball, resolving all dependencies manually.
Use the alien tool or similar to convert an RPM package to a DEB package and ensure it installs correctly on a Debian-based system.
Manually resolve package dependencies for a complex software installation without using package manager automation.
Set up and configure a custom YUM repository on a CentOS system.
Install a Linux software package on a system without direct internet access using offline methods.
Write a script to automate the cleanup of old or unused packages and maintenance tasks like cache clearing in a Linux environment.