Docker - Debian APT - Part Two

   
   
 docker  distro  package manager  debian  
 system  
Table of Content

This is one topic of a package management diversity series.


Table of Content

This is a four-parts article. There are few sections here.

Part One
  • Preface: Test Bed, Must Read
  • Getting Started With Docker
  • Package Management: DPKG Frontend, APT Frontend, Get Help, The new APT, APT Shell
  • Updating System: OS Release, Refresh Update, List Upgradable, Upgrade
  • Package IRSIF: Install, Download, Removal, Unused Dependency, Query Search, Show Info, List Files, Extract
  • What's Next
Part Two
  • Group: Task
  • Package More: Change Log, Policy, aptitude, dselect, configure, Search Files, dlocate, Unused Dependency
  • System Wide: Statistics, List Packages, Config, Verify
  • History: The Log File
  • Clean Up: Clean, Unused Dependency, Orphan
  • What's Next
Part Three
  • Dependency: Dependency, Reverse Dependency, Test
  • Hold Package: Building Example, Mark Hold, Pinning
  • Repository: Configuration, Policy, Add Repository, Mirror
  • Distribution Upgrade
  • Repository Pinning: nmap Case, New Docker for Stretch, Stable nmap, Pinning Unstable, Unstable nmap
  • What's Next
Part Four
  • Build from Source: The Toolchain, Source Repository, User Privilege, Build Directory, Example, Download Source, Build Source, Examine Directory, Install Result
  • Developer Script: debcheckout, Build Dependency, Build Package, Lintian, Source Compile, debi, Deb Checksums, Show Source
  • Conclusion

Group

I cannot find any reference about group in APT.

Task

The closest concept about group in APT is, by using task.

$ apt install tasksel
$ tasksel --list-tasks 
u desktop	Debian desktop environment
u gnome-desktop	GNOME
u xfce-desktop	Xfce
u kde-desktop	KDE
u cinnamon-desktop	Cinnamon
u mate-desktop	MATE
u lxde-desktop	LXDE
u web-server	web server
u print-server	print server
u ssh-server	SSH server
u laptop	laptop

Docker APT: Task List (Group)

Now you can install. Note the additional prefix task-.

$ apt install task-xfce-desktop

More complete information provided in manual.

$ man tasksel

Package More

More about Package, than just IRSIF.

Change Log

$ apt-get changelog ncdu

Or:

$ apt changelog ncdu

Docker APT: Changelog

Package Policy

We can examine the policy too.

$ apt-cache policy ncdu

Almost equal to:

$ apt policy ncdu
ncdu:
  Installed: (none)
  Candidate: 1.12-1+b1
  Version table:
     1.12-1+b1 500
        500 http://deb.debian.org/debian stretch/main amd64 Packages

There is no aptitude policy this time. “ This aptitude does not have Super Cow Powers. “ However there is aptitude versions.

$ aptitude versions ncdu  
p   1.12-1+b1                               stable              500

Docker APT: Policy

We will discuss policy later.

Aptitude

aptitude provide text based user interface.

Docker Aptitude: Dialog

Dselect

There are alternative text based user interface as well called dselect.

Docker Dselect: Dialog

Interrupted Process

Sometimes DPKG interrupted, for some reason such as, I have to immediately turn off my notebook or stuff. You can continue with this command.

$ dpkg --configure -a

Search Files

This looks like list files command, but very different task. This command looking for any package that match the corresponding search.

$ dpkg -S ncdu

Or

$ dpkg-query --search ncdu
ncdu: /usr/share/doc/ncdu
ncdu: /usr/share/doc/ncdu/changelog.Debian.amd64.gz
fish-common: /usr/share/fish/completions/ncdu.fish
ncdu: /usr/share/doc/ncdu/changelog.gz
ncdu: /usr/share/doc/ncdu/changelog.Debian.gz
ncdu: /usr/share/man/man1/ncdu.1.gz
ncdu: /usr/share/doc/ncdu/copyright
ncdu: /usr/bin/ncdu

Docker DPKG: Search

As you can see, it found in both ncdu and fish package.

dlocate

Alternatively

$ dlocate ncdu
ncdu: /.
ncdu: /usr
ncdu: /usr/bin
ncdu: /usr/bin/ncdu
ncdu: /usr/share
ncdu: /usr/share/doc
ncdu: /usr/share/doc/ncdu
ncdu: /usr/share/doc/ncdu/changelog.Debian.amd64.gz
ncdu: /usr/share/doc/ncdu/changelog.Debian.gz
ncdu: /usr/share/doc/ncdu/changelog.gz
ncdu: /usr/share/doc/ncdu/copyright
ncdu: /usr/share/man
ncdu: /usr/share/man/man1
ncdu: /usr/share/man/man1/ncdu.1.gz
fish-common: /usr/share/fish/completions/ncdu.fish

Docker Debian: dlocate

Hold Package

APT can lock package using either hold or pinning.

Building Example

Suppose you want to do system upgrade, but you do not want to upgrade certain package. There is a good reason for these, such as keeping old driver, because the latest has a issue or such reason. Or maybe we want to keep our current beloved newly compiled package that equipped with super duper specific configuration parameter optimization.

Consider change sources.list repository, from stretch/stable to testing. We need an example package that we can hold as a guinea pig example. We can achieveed this using update and upgrade or list --upgradable .

$ nano /etc/apt/sources.list
deb http://deb.debian.org/debian testing main

# deb http://deb.debian.org/debian stretch main
# deb http://deb.debian.org/debian stretch-updates main

# deb http://kambing.ui.ac.id/debian stretch main
# deb http://kambing.ui.ac.id/debian stretch-updates main

# deb http://security.debian.org stretch/updates main

Docker APT: Testing: sources.list

$ apt update
Get:1 http://deb.debian.org/debian testing InRelease [135 kB]
Get:2 http://deb.debian.org/debian testing/main amd64 Packages [9669 kB]
Fetched 9804 kB in 7s (1270 kB/s)                                           
Reading package lists... Done
Building dependency tree       
Reading state information... Done
73 packages can be upgraded. Run 'apt list --upgradable' to see them.
$ apt list --upgradable
Listing... Done
adduser/testing 3.116 all [upgradable from: 3.115]
apt/testing 1.5~rc1 amd64 [upgradable from: 1.4.7]
aptitude/testing 0.8.9-1 amd64 [upgradable from: 0.8.7-1]
aptitude-common/testing 0.8.9-1 all [upgradable from: 0.8.7-1]
base-files/testing 10 amd64 [upgradable from: 9.9+deb9u1]
bsdutils/testing 1:2.29.2-4 amd64 [upgradable from: 1:2.29.2-1]

And the winner is apt and aptitude* as our guinea pig locking example.

Docker APT: Testing: List Upgradable

Mark Hold

We can hold package easily using APT. By using apt-mark hold. Note that there is no apt hold.

$ apt-mark hold apt
apt set on hold.

Docker APT: Mark Hold

Now apt will be ignored when upgrade.

$ apt upgrade
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Calculating upgrade... Done
The following packages were automatically installed and are no longer required:
  libperl5.24 perl-modules-5.24
Use 'apt autoremove' to remove them.
The following NEW packages will be installed:
  fdisk gcc-7-base libperl5.26 perl-modules-5.26
The following packages have been kept back:
  apt libapt-pkg5.0
The following packages will be upgraded:
  adduser aptitude aptitude-common base-files bsdutils dash
...

Docker APT: apt Kept Back

$ apt-mark unhold apt
Canceled hold on apt.

Pinning

Youcan also lock by Pinning using negative value. Consider make a new apt file in /etc/apt/preferences.d

$ touch /etc/apt/preferences.d/apt

$ nano /etc/apt/preferences.d/apt
Package: apt
Pin: release a=testing
Pin-Priority: -1

apt won’t even shown up in upgradable list.

Docker APT: /etc/apt/preferences.d

$ apt list --upgradable
Listing... Done
adduser/testing 3.116 all [upgradable from: 3.115]
aptitude/testing 0.8.9-1 amd64 [upgradable from: 0.8.7-1]
aptitude-common/testing 0.8.9-1 all [upgradable from: 0.8.7-1]
base-files/testing 10 amd64 [upgradable from: 9.9+deb9u1]
bsdutils/testing 1:2.29.2-4 amd64 [upgradable from: 1:2.29.2-1]

Docker APT: Not Shown Up in Upgradable

Example done successfully. Guinea pig is alive. Do not forget to unpin.

$ rm /etc/apt/preferences.d/apt

I personally used this method to prevent my sis671 driver to be updated for almost one and a half year. Finally, the new driver works, so I do not pin this driver anymore.

System Wide

System Wide Information

Cache Statistics

There is this stats command to dump the system wide information.

$ apt-cache stats
Total package names: 1275 (25.5 k)
Total package structures: 1275 (56.1 k)
  Normal packages: 388
  Pure virtual packages: 4
  Single virtual packages: 192
  Mixed virtual packages: 1
  Missing: 690
Total distinct versions: 389 (31.1 k)
Total distinct descriptions: 389 (9336 )
Total dependencies: 2677/1765 (81.8 k)
Total ver/file relations: 389 (9336 )
Total Desc/File relations: 389 (9336 )
Total Provides mappings: 201 (4824 )
Total globbed strings: 2808 (39.1 k)
Total slack space: 20.8 k
Total space accounted for: 691 k
Total buckets in PkgHashTable: 50503
  Unused: 49243
  Used: 1260
  Utilization: 2.4949%
  Average entries: 1.0119
  Longest: 3
  Shortest: 1
Total buckets in GrpHashTable: 50503
  Unused: 49243
  Used: 1260
  Utilization: 2.4949%
  Average entries: 1.0119
  Longest: 3
  Shortest: 1

List Packages

There is this dumpavail and dump command with long output to list packages

$ apt-cache dumpavail | less
$ apt-cache dump | less
Package: 0ad
Version: 0.0.21-2
Installed-Size: 18473
Maintainer: Debian Games Team <pkg-games-devel@lists.alioth.debian.org>
Architecture: amd64
...

Docker APT: cache dump

Or just package names if you wish. Listing packages handled by package manager, can be achieved by apt-cache pkgnames.

$ apt-cache pkgnames | less

APT Config

$ apt-config dump
APT "";
APT::Architecture "amd64";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
APT::Install-Recommends "1";
APT::Install-Suggests "0";
APT::Sandbox "";
APT::Sandbox::User "_apt";
APT::NeverAutoRemove "";
APT::NeverAutoRemove:: "^firmware-linux.*";
APT::NeverAutoRemove:: "^linux-firmware$";
...

Docker APT: config dump

Verify

Verify integrity of package database, such as dependencies.

$ apt-get check
Reading package lists... Done
Building dependency tree       
Reading state information... Done

History

This is most the forgotten part of package management, although it is not uncommon to notice messages.

The Log File

There are few log files.

  • /var/log/dpkg.log

  • /var/log/apt/history.log

  • /var/log/apt/term.log

  • /var/log/aptitude

less or more is a good tool to read log file. Most likely you want the tail, latest transaction, at the bottom of the recorded event.

$ tail /var/log/apt/history.log
Install: dselect:amd64 (1.18.24)
End-Date: 2017-09-10  18:28:00

Start-Date: 2017-09-10  19:07:40
End-Date: 2017-09-10  19:07:40

Start-Date: 2017-09-10  20:27:17
Commandline: apt install tasksel
Install: tasksel-data:amd64 (3.39, automatic), laptop-detect:amd64 (0.13.8, automatic), dmidecode:amd64 (3.0-4, automatic), tasksel:amd64 (3.39)
End-Date: 2017-09-10  20:27:23

Docker: /var/log/apt/history.log

Here is another

$ tail /var/log/dpkg.log
2017-09-11 13:52:44 status unpacked lynx:amd64 2.8.9dev11-1
2017-09-11 13:52:44 status half-configured lynx:amd64 2.8.9dev11-1
2017-09-11 13:52:44 status installed lynx:amd64 2.8.9dev11-1
2017-09-11 13:52:44 configure fish:amd64 2.4.0-1 <none>
2017-09-11 13:52:44 status unpacked fish:amd64 2.4.0-1
2017-09-11 13:52:44 status half-configured fish:amd64 2.4.0-1
2017-09-11 13:52:44 status installed fish:amd64 2.4.0-1
2017-09-11 13:52:44 trigproc libc-bin:amd64 2.24-11+deb9u1 <none>
2017-09-11 13:52:44 status half-configured libc-bin:amd64 2.24-11+deb9u1
2017-09-11 13:52:44 status installed libc-bin:amd64 2.24-11+deb9u1

Docker: /var/log/dpkg.log

Clean Up

Keep your system neat and tidy.

Clean

APT as default keep downloaded package.

Package Cache

  • /var/cache/apt/archives/ * .deb

You can clean this directory by using either

$ apt clean

$ apt-get clean

$ aptitude clean

Docker APT: clean

$ apt autoclean
Reading package lists... Done
Building dependency tree       
Reading state information... Done

$ apt-get autoclean
Reading package lists... Done
Building dependency tree       
Reading state information... Done

$ aptitude autoclean
Freed 0 B of disk space

Docker APT: autoclean

Note that we do not need to do clean up with docker because of these rules.

$ less /etc/apt/apt.conf.d/docker-clean
DPkg::Post-Invoke { "rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true"; };
APT::Update::Post-Invoke { "rm -f /var/cache/apt/archives/*.deb /var/cache/apt/archives/partial/*.deb /var/cache/apt/*.bin || true"; };

Docker APT: autoclean

Unused Dependency Removal

Many times we remove package, and the dependency packages left in the system. We can clean up by utilize apt-get autoremove.

$ apt-get autoremove

Almost equal to:

$ apt autoremove
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages will be REMOVED:
  bc bzip2 file fish-common javascript-common libexpat1 libffi6
  libgmp10 libgnutls30 libhogweed4 libidn11 libjs-jquery
  libmagic-mgc libmagic1 libnettle6 libp11-kit0 libpcre2-32-0
  libpython-stdlib libpython2.7-minimal libpython2.7-stdlib
  libreadline7 libssl1.1 libtasn1-6 libx11-6 libx11-data libxau6
  libxcb1 libxdmcp6 lynx lynx-common mime-support python
  python-minimal python2.7 python2.7-minimal xsel xz-utils
0 upgraded, 0 newly installed, 37 to remove and 0 not upgraded.
After this operation, 47.0 MB disk space will be freed.
Do you want to continue? [Y/n]

Docker APT: Autoremove Unused Dependency

There is no aptitude autoremove this time. “ This aptitude does not have Super Cow Powers.

Orphan

Quote from the manual, deborphan finds packages that have no packages depending on them. This is different with autoremove.

$ deborphan
dh-systemd

Docker Debian: deborphan

What’s Next

There are still, repository topic and building from source. Consider finish reading [ Part Three ].

Thank you for reading