Product SiteDocumentation Site

5.2. 軟體套件中介資訊

The Debian package is not only an archive of files intended for installation. It is part of a larger whole and describes its relationship with other Debian packages (requisites, dependencies, conflicts, suggestions). It also provides scripts that enable the execution of commands at different stages in the package's lifecycle (installation, upgrade, removal). These data are used by the package management tools but are not part of the packaged software; they are, within the package, what is called its “meta-information” (information about other information).

5.2.1. 描述:control 檔案

This file uses a structure similar to email headers (as defined by RFC 2822) and is fully described in the Debian Policy and the manual pages deb-control(5) and deb822(5).
For example, for apt, the control file looks like the following:
$ apt-cache show apt
Package: apt
Version: 1.8.2
Installed-Size: 4064
Maintainer: APT Development Team <>
Architecture: amd64
Replaces: apt-transport-https (<< 1.5~alpha4~), apt-utils (<< 1.3~exp2~)
Provides: apt-transport-https (= 1.8.2)
Depends: adduser, gpgv | gpgv2 | gpgv1, debian-archive-keyring, libapt-pkg5.0 (>= 1.7.0~alpha3~), libc6 (>= 2.15), libgcc1 (>= 1:3.0), libgnutls30 (>= 3.6.6), libseccomp2 (>= 1.0.1), libstdc++6 (>= 5.2)
Recommends: ca-certificates
Suggests: apt-doc, aptitude | synaptic | wajig, dpkg-dev (>= 1.17.2), gnupg | gnupg2 | gnupg1, powermgmt-base
Breaks: apt-transport-https (<< 1.5~alpha4~), apt-utils (<< 1.3~exp2~), aptitude (<< 0.8.10)
Description-en: commandline package manager
 This package provides commandline tools for searching and
 managing as well as querying information about packages
 as a low-level access to all features of the libapt-pkg library.
 These include:
  * apt-get for retrieval of packages and information about them
    from authenticated sources and for installation, upgrade and
    removal of packages together with their dependencies
  * apt-cache for querying available information about installed
    as well as installable packages
  * apt-cdrom to use removable media as a source for packages
  * apt-config as an interface to the configuration settings
  * apt-key as an interface to manage authentication keys
Description-md5: 9fb97a88cb7383934ef963352b53b4a7
Tag: admin::package-management, devel::lang:ruby, hardware::storage,
 hardware::storage:cd, implemented-in::c++, implemented-in::perl,
 implemented-in::ruby, interface::commandline, network::client,
 protocol::ftp, protocol::http, protocol::ipv6, role::program,
 scope::application, scope::utility, suite::debian, use::downloading,
 use::organizing, use::playing, use::searching, works-with-format::html,
 works-with::audio, works-with::software:package, works-with::text
Section: admin
Priority: required
Filename: pool/main/a/apt/apt_1.8.2_amd64.deb
Size: 1418108
MD5sum: 0e80dedab6ec1e66a8f6c15f1925d2d3
SHA256: 80e9600822c4943106593ca5b0ec75d5aafa74c6130ba1071b013c42c507475e 相依性:依賴 欄位

The dependencies are defined in the Depends field in the package header. It is a list of conditions to be met for the package to work correctly. This information is used by tools such as apt in order to install the required libraries, tools, drivers, etc. in appropriate versions fulfilling the dependencies of the package to be installed. For each dependency, it is possible to restrict the range of versions that meet that condition. In other words, it is possible to express the fact that we need the package libc6 in a version equal to or greater than “2.15” (written “libc6 (>= 2.15)”). Version comparison operators are as follows:
  • <<:小於;
  • <=:小於或等於;
  • =:等於 (“2.6.1” 不等於 “2.6.1-1”);
  • >=:大於或等於;
  • >>:大於。
In a list of conditions to be met, the comma serves as a separator. It must be interpreted as a logical “and”. In conditions, the vertical bar (“|”) expresses a logical “or” (it is an inclusive “or”, not an exclusive “either/or”). Carrying greater priority than “and”, it can be used as many times as necessary. Thus, the dependency “(A or B) and C” is written A | B, C. In contrast, the expression “A or (B and C)” should be written as “(A or B) and (A or C)”, since the Depends field does not tolerate parentheses that change the order of priorities between the logical operators “or” and “and”. It would thus be written A | B, A | C.
相依性系統是保證程式順利運作的良好機制,但它也有另個用法 「中介套件」。這些空的軟體套件內容祗有相依性的說明。由中介套件維護者把一群程式的相依性描述在其中;例如,apt install meta-package 將自動安裝所有用到中介套件相依的檔案。gnomekde-fulllinux-image-amd64 套件就是中介套件之一。 衝突: Conflicts 欄位

The Conflicts field indicates when a package cannot be installed simultaneously with another. The most common reasons for this are that both packages include a file of the same name and path, or provide the same service on the same TCP port, or would hinder each other's operation.
dpkg 不會安裝衝突的套件,除非新套件指明 “取代” 被衝突的套件,dpkg 才會以新的套件取代舊的套件。apt 總是遵循您的指示:若選擇安裝新套件,則自動移除造成問題的舊套件。 不相容:Breaks 欄位

Breaks 欄位的影響類似於 Conflicts 欄位,但具有特殊的意義。指出安裝一個套件將 “中斷” 另個套件 (或特別版本的套件)。通常而言,兩個套件的不相容是短暫的,且 Breaks 關係係指不相容的特定版本。
已經中斷現有套件時,dpkg 將拒絕安裝並且 apt 將更新套件至新的版本試圖解決此問題 (通常可解決此問題,並再度相容)。
此狀況可能發生在未向下相容的昇級:新版本不再與舊版本相容,沒有特別安排將造成故障。Breaks 欄位避免使用者進入此問題。 提供項目:Provides 欄位

這個欄位引進有趣的 “虛擬套件” 概念。它有很多角色,其中兩個特別重要。第一個是以虛擬套件關連至一個通用的服務 (此套件 “提供” 此服務)。第二個是指出此套件完全取代另個套件,它也能滿足相依性的要求。因此,可能建立替代套件而不必使用相同名稱的套件。 提供 “服務”
讓我們以範例詳述第一個案子:postfixsendmail 之類的郵件伺服器都 “提供” mail-transport-agent 虛擬套件。因此需要啟用該等服務的套件 (如:smartlistsympa 之類的郵寄名單管理器) 祗要在其相依性裡敘明需要 mail-transport-agent 而不是指明還不相容的可能解決方案清單 (如 postfix | sendmail | exim4 | …)。更進一步來說,在同個機器安裝兩個郵件伺服器是沒有用的,因此每個套件都聲明與 mail-transport-agent 虛擬套件衝突。系統忽略衝突的兩個套件,但技術上可以禁止同時安裝兩個郵件伺服器。 與另個套件的交換性
The Provides field is also interesting when the content of a package is included in a larger package. For example, the libdigest-md5-perl Perl module was an optional module in Perl 5.6, and has been integrated as standard in Perl 5.8 (and later versions, such as 5.28 present in Buster). As such, the package perl has since version 5.8 declared Provides: libdigest-md5-perl so that the dependencies on this package are met if the user has Perl 5.8 (or newer). The libdigest-md5-perl package itself has eventually been deleted, since it no longer had any purpose when old Perl versions were removed.
使用 Provides 欄位以避免中斷相依性

圖形 5.1. 使用 Provides 欄位以避免中斷相依性

此功能極有用,因為它永遠不可能預料變化莫測的發展,也不能重新命名、或者自動替換過時的軟體。 過去的限制
虛擬套件曾有很多限制,最麻煩的是沒有版本編號。從上例可知,這種 Depends: libdigest-md5-perl (>= 1.6) 相依性,在 Perl 5.10 沒問題,但在包裝系統時仍不會滿足其相依性 — 雖然實際上已滿足了。但是包裝不知道相依性沒問題,祗好選擇風險最小的做法,假設其版本未相依。
This limitation has been lifted in dpkg 1.17.11, and is no longer relevant. Packages can assign a version to the virtual packages they provide with a dependency such as Provides: libdigest-md5-perl (= 1.8). 取代檔案:Replaces 欄位

Replaces 欄位指出在其他套件的檔案,但該套件也合理地取代他們。沒有指名,dpkg 失敗,說明它不能覆寫另個套件的檔案 (技術上來說,雖不能強迫使用 --force-overwrite 選項,但可視為標準選項)。因此在加入該欄位之前,先辦認可能的問題並要求維護者研究它。
已安裝套件內的所有檔案都被取代後,就該移除此套件。最後,此欄位亦鼓勵 dpkg 移除衝突的被取代套件。

5.2.2. 組態腳本

In addition to the control file, the control.tar.gz archive for each Debian package may contain a number of scripts, called by dpkg at different stages in the processing of a package. The Debian Policy describes the possible cases in detail, specifying the scripts called and the arguments that they receive. These sequences may be complicated, since if one of the scripts fails, dpkg will try to return to a satisfactory state by canceling the installation or removal in progress (insofar as it is possible).
In general, the preinst script is executed prior to installation of the package, while postinst follows it. Likewise, prerm is invoked before removal of a package and postrm afterwards. An update of a package is equivalent to removal of the previous version and installation of the new one. It is not possible to describe in detail all the possible scenarios here, but we will discuss the most common two: an installation/update and a removal. 安裝與升級

安裝 (或升級) 時候發生的事:
  1. 升級時,dpkg 叫用 old-prerm upgrade 新版本.
  2. 還是在升級時候,dpkg 執行 new-preinst upgrade 舊版本;第一次安裝時,它執行 new-preinst install。若已經安裝或移除該套件 (但未合併,仍保留組態檔案),可能在舊版本加入最新的參數。
  3. 解開新的套件。取代已存在的檔案,但暫時備份舊檔案。
  4. 升級時,dpkg 執行 old-postrm upgrade 新版本.
  5. dpkg 升級所有的內部資料 (檔案清單、組態腳本等) 並且移除被取代檔案的備份。這是臨界點:dpkg 不能再近用回復稍早狀態的元素。
  6. dpkg 將更新組態檔案,無法自動管理此工作時,要求使用者做決定。詳情在此 節 5.2.3, “校驗,組態檔案清單”
  7. 最後,dpkg 執行 new-postinst configure 舊版本組態 組態套件。 移除套件

  1. dpkg 呼叫 prerm remove.
  2. dpkg 移除套件所有檔案,但保留組態檔案與組態腳本。
  3. dpkg 執行 postrm remove。移除所有組態腳本,保留 postrm。若使用者未選擇 “清除” 選項,則工作完成。
  4. 完全清除的套件 (由 dpkg --purgedpkg -P 執行此工作),同時刪除其組態檔,以及若干複本 (*.dpkg-tmp, *.dpkg-old, *.dpkg-new) 和暫存檔案;dpkg 然後執行 postrm purge
config 腳本補充前述的 4 個腳本,套件以 debconf 取得組態用的資訊。安裝過程中,此腳本以 debconf 指令詢問使用者詳細的問題。把回應記錄在 debconf 資料庫供未來的參考。在安裝之前先由 apt 逐一執行該等腳本,歸納問題與回答。事前與事後安裝腳本可使用該等資訊回應使用者的期望。

5.2.3. 校驗,組態檔案清單

In addition to the maintainer scripts and control data already mentioned in the previous sections, the control.tar.gz archive of a Debian package may contain other interesting files. The first, md5sums, contains the MD5 checksums for all of the package's files. Its main advantage is that it allows dpkg --verify (which we will study in 節, “Auditing Packages with dpkg --verify) and debsums (from the package of the same name; see 節, “Auditing Packages: debsums and its Limits”) to check if these files have been modified since their installation. Note that when this file doesn't exist, dpkg will generate it dynamically at installation time (and store it in the dpkg database just like other control files).
conffiles lists package files that must be handled as configuration files (see also deb-conffiles(5)). Configuration files can be modified by the administrator, and dpkg will try to preserve those changes during a package update.
實際上,在此情況下,dpkg 儘可能地機靈:若在兩個版本間的標準組態檔並未改變, dpkg 就什麼事也不做。但是,若檔案改變動,就會更新此檔案。有兩種可能:管理員碰觸此組態檔時,由 dpkg 自動安裝新版本;或者被管理員修改過,dpkg 將要求管理員指定安裝的版本 (修訂過的舊版本、或套件提供的新版本)。為了有助於決定,dpkg 提供 “diff” 指令顯示兩個版本的差異。若選擇保留舊版本,新版仍儲存在同個資料夾其後綴檔名為 .dpkg-dist。若選擇使用新版本,舊仍儲存在同個資料夾其後綴檔名為 .dpkg-old。另一個作為是暫時中斷 dpkg 以編輯檔案並試圖重新安裝相關的修訂 (之前被 diff 驗証的差異)。