deb (file format)

From HandWiki
Short description: Debian software package format

Debian package
Application-x-deb.svg
The GNOME icon for deb files.
(Showing the Debian logo on a package)
Filename extension.deb, .udeb
Internet media typeapplication/vnd.debian.binary-package[1]
Developed byDebian
Type of formatPackage management system
Container forSoftware package
Extended fromar archive, tarball
Websitedeb format specification

deb is the format, as well as filename extension of the software package format for the Debian Linux distribution and its derivatives.

Design

GDebi installing a .deb package

Debian packages are standard Unix ar archives that include two tar archives. One archive holds the control information and another contains the installable data.[2]

dpkg provides the basic functionality for installing and manipulating Debian packages. Generally end users don't manage packages directly with dpkg but instead use the APT package management software or other APT front-ends such as aptitude (nCurses) and synaptic (GTK).[3]

Debian packages can be converted into other package formats and vice versa using alien, and created from source code using checkinstall or the Debian Package Maker.[4]

Some core Debian packages are available as udebs ("micro debs"), and are typically used only for bootstrapping a Debian installation. Although these files use the udeb filename extension, they adhere to the same structure specification as ordinary deb files. However, unlike their deb counterparts, udeb packages contain only essential functional files.[5] In particular, documentation files are normally omitted. udeb packages are not installable on a standard Debian system, but are used in Debian-Installer.

Implementation

Diagram showing an example file structure of a .deb file

thumb|Frhed hex editor displaying the raw data of a Debian package.|right

Prior to Debian 0.93, a package consisted of a file header and two concatenated gzip archives.[6] Since Debian 0.93, a deb package is implemented as an ar archive.[7] This archive contains three files in a specific order:[8][9]

  1. debian-binary - A text file named debian-binary containing a single line giving the package format version number. (2.0 for current versions of Debian).[9]
  2. control archive - A tar archive named control.tar contains the maintainer scripts and the package meta-information (package name, version, dependencies and maintainer). Compressing the archive with gzip or xz and zstd is supported. The file extension changes to indicate the compression method.[9][2]
  3. data archive - A tar archive named data.tar contains the actual installable files. Compressing the archive with gzip, bzip2, lzma or xz and zstd is supported. The file extension changes to indicate the compression method.[9][2]

Control archive

The control archive contents can include the following files:

  • control contains a brief description of the package as well as other information such as its dependencies.[10][11][12][13]
  • md5sums contains MD5 checksums of all files in the package in order to detect corrupt or incomplete files.[14]
  • conffiles lists the files of the package that should be treated as configuration files. Configuration files are not overwritten during an update unless specified.[15]
  • preinst, postinst, prerm and postrm are optional scripts that are executed before or after installing or removing the package.[15][16]
  • config is an optional script that supports the debconf configuration mechanism.[17]
  • shlibs list of shared library dependencies.[18][19]

Signed packages

Debian-based distributions support OpenPGP signature verification of signed Debian packages, but most (if not all) have this feature disabled by default.[20] Instead packages are verified by signing the repository metadata (i.e. Release files). The metadata files in turn include checksums for the repository files as a means to verify authenticity of the files.[21][22] Currently there are two different implementations for signing individual packages. The first is done via the debsigs / debsig-verify toolset, which is supported by dpkg.[20][23] The second is done through the dpkg-sig program which is not supported by dpkg, so the packages have to be manually checked with the dpkg-sig program.[20][24][25][26] Both formats add new sections to the ar archive to store the signature information, but the formats are not compatible with one another.[20] Neither of the modifications to the package format are listed in the official Debian handbook or man page about the binary package format.[27][8]

Adoption

  • Debian packages are used in distributions based on Debian, such as Ubuntu and many others.
  • Fink, a port of dpkg and APT to macOS, uses deb packages.[28][29]
  • Nexenta OS, a discontinued OS based on OpenSolaris, included Debian package management software and the use of deb packages.
  • Debian GNU/kFreeBSD, an OS that uses a GNU based userland and the FreeBSD kernel.
  • Debian GNU/Hurd.
  • Some jailbroken iOS devices (iPhones, iPads and iPods).[30][31]
  • Ipkg and Opkg, which both use .ipk packages that resemble Debian's dpkg

See also

References

  1. "Media Type Registration for vnd.debian.binary-package". Internet Assigned Numbers Authority. https://www.iana.org/assignments/media-types/application/vnd.debian.binary-package. 
  2. 2.0 2.1 2.2 Raphaël Hertzog (17 Sep 2010). "How to create Debian packages with alternative compression methods". https://raphaelhertzog.com/2010/09/17/how-to-create-debian-packages-with-alternative-compression-methods/. 
  3. "Debian Courses/Maintaining Packages/Packages Management". 31 Oct 2010. https://wiki.debian.org/Courses/MaintainingPackages/Packages/Management. 
  4. "Overview of Debian Maintainer Tools / Alien". n.d.. https://www.debian.org/doc/manuals/developers-reference/apa.en.html#alien. 
  5. "Chapter 3. D-I components or udebs". n.d.. http://d-i.alioth.debian.org/doc/internals/ch03.html. 
  6. "deb-old(5) man page: Debian old binary package format". https://manpages.debian.org/unstable/deb-old.5. 
  7. Lucas Nussbaum (16 Oct 2014). "Debian Packaging Tutorial". https://www.debian.org/doc/manuals/packaging-tutorial/packaging-tutorial.en.pdf#page=7. 
  8. 8.0 8.1 "deb(5) man page: Debian binary package format". https://manpages.debian.org/unstable/deb.5. 
  9. 9.0 9.1 9.2 9.3 "Debian Binary Package Building HOWTO/3. Package Structure". n.d.. http://www.tldp.org/HOWTO/Debian-Binary-Package-Building-HOWTO/x60.html. 
  10. "deb-control(5) man page: Debian packages' master control file format". https://manpages.debian.org/unstable/deb-control.5. 
  11. "Debian Policy Manual Chapter 5 - Control files and their fields". 30 Mar 2016. https://www.debian.org/doc/debian-policy/ch-controlfields.html#s-binarycontrolfiles. 
  12. Josip Rodin and Osamu Aoki (9 Jun 2015). "Debian New Maintainers' Guide - Ch4 Required files under the debian directory". https://www.debian.org/doc/manuals/maint-guide/dreq.en.html#control. 
  13. "Debian Policy Manual Ch7 - Declaring relationships between packages". 30 Mar 2016. https://www.debian.org/doc/debian-policy/ch-relationships.html#s-binarydeps. 
  14. "The Debian Administrator's Handbook - Package Meta-Information". n.d.. https://debian-handbook.info/browse/stable/sect.package-meta-information.html. 
  15. 15.0 15.1 "Chapter 7. Basics of the Debian package management system". 12 August 2019. https://www.debian.org/doc/manuals/debian-faq/pkg-basics.en.html. 
  16. "Debian Maintainer Scripts". 11 Oct 2012. https://wiki.debian.org/MaintainerScripts. 
  17. Joey Hess (n.d.). "The Debconf Programmer's Tutorial - The Config Script". http://www.fifi.org/doc/debconf-doc/tutorial.html#AEN113. 
  18. "dpkg-shlibdeps(1) man page". https://manpages.debian.org/unstable/dpkg-shlibdeps.1. 
  19. "Debian Policy - 8.6 Dependencies between the library and other packages". 30 Mar 2016. https://www.debian.org/doc/debian-policy/ch-sharedlibs.html#s-sharedlibs-depends. 
  20. 20.0 20.1 20.2 20.3 Joe Damato (28 Oct 2014). "HOWTO: GPG sign and verify deb packages and APT repositories". http://blog.packagecloud.io/eng/2014/10/28/howto-gpg-sign-verify-deb-packages-apt-repositories/. 
  21. "APT repository internals". 4 Aug 2015. http://blog.packagecloud.io/eng/2015/08/04/apt-repository-internals/. 
  22. "SecureApt - All about secure apt". 22 Sep 2015. https://wiki.debian.org/SecureApt. 
  23. "debsig-verify(1) man page". https://manpages.debian.org/unstable/debsig-verify.1. 
  24. "debsigs(1) man page". https://manpages.debian.org/unstable/debsigs.1. 
  25. Andreas Barth (29 Dec 2003). "Integrating signatures into Debian archive files". http://dpkg-sig.turmzimmer.net/. 
  26. "policy for debsigs". 1 Feb 2004. http://dpkg-sig.turmzimmer.net/policy.html. 
  27. "The Debian Administrator's Handbook - Ch5. Packaging System: Tools and Fundamental Principles". n.d.. https://www.debian.org/doc/manuals/debian-handbook/packaging-system.en.html. 
  28. "Fink FAQ - General Questions". 6 Jun 2015. http://www.finkproject.org/faq/general.php. 
  29. "Fink FAQ - Installing, Using and Maintaining Fink". 6 Jun 2015. http://www.finkproject.org/faq/usage-fink.php. 
  30. Jay Freeman (n.d.). "Bringing Debian APT to the iPhone". http://www.saurik.com/id/1. 
  31. Erica Sadun (28 Feb 2008). "Debian-style installation arrives on iPhone". https://www.engadget.com/2008/02/28/debian-style-installation-arrives-on-iphone/. 

External links



Retrieved from "https://handwiki.org/wiki/index.php?title=Deb_(file_format)&oldid=3372146"