Product SiteDocumentation Site

5.4. 以 dpkg 管理套件

dpkg is the base command for handling Debian packages on the system. If you have .deb packages, it is dpkg that allows installation or analysis of their contents. But this program only has a partial view of the Debian universe: it knows what is installed on the system, and whatever it is given on the command line, but knows nothing of the other available packages. As such, it will fail if a dependency is not met. Tools such as apt and aptitude, on the contrary, will create a list of dependencies to install everything as automatically as possible.

5.4.1. 安裝套件

首先,dpkg 是安裝 Debian 已經可用套件的工具 (因為不需下載任何東西)。我們使用它的 -i--install 選項。

範例 5.2. 以 dpkg 安裝套件

# dpkg -i man-db_2.8.5-2_amd64.deb
(Reading database ... 14913 files and directories currently installed.)
Preparing to unpack .../man-db_2.8.5-2_amd64.deb ...
Unpacking man-db (2.8.5-2) over (2.8.5-2) ...
Setting up man-db (2.8.5-2) ...
Updating database of manual pages ...
Processing triggers for mime-support (3.62) ...
We can see the different steps performed by dpkg; we know, thus, at what point any error may have occurred. The installation can also be effected in two stages: first unpacking, then configuration. apt takes advantage of this, limiting the number of calls to dpkg (since each call is costly, due to loading of the database in memory, especially the list of already installed files).

範例 5.3. 分開解壓與組態

# dpkg --unpack man-db_2.8.5-2_amd64.deb
(Reading database ... 14937 files and directories currently installed.)
Preparing to unpack man-db_2.8.5-2_amd64.deb ...
Unpacking man-db (2.8.5-2) over (2.8.5-2) ...
Processing triggers for mime-support (3.62) ...
# dpkg --configure man-db
Setting up man-db (2.8.5-2) ...
Updating database of manual pages ...
dpkg 安裝套件時偶而失敗並送回錯誤的訊息;若使用者要求忽略該等訊息,就能送出警示;這就是 --force-* 選項的用途。dpkg --force-help 命令,或此命令的文件,將提供完整的選項。最常發生的錯誤,遲早每個人都會碰到,就是檔案衝突。已被其他套件安裝使用的檔案,另個套件同時需要用到它時,dpkg 會於安裝時再次使手它。此時出現以下的訊息:
Unpacking libgdm (from .../libgdm_3.8.3-2_amd64.deb) ...
dpkg: 處理 /var/cache/apt/archives/libgdm_3.8.3-2_amd64.deb (--unpack) 時發生錯誤:
 試圖覆寫 '/usr/bin/gdmflexiserver',也同時在套件 gdm3 3.4.1-9 內
碰到此情況,若您認為取代此檔案不會對系統的穩定產生重大的風險 (通常如此),您可使用選項 --force-overwrite,告訴 dpkg 忽略此錯誤並覆寫該檔案。
--force-* 有很多選項,祗有 --force-overwrite 是固定使用的。這些選項祗存在於極為特殊的情況,最好是儘量不要碰它以尊重套件本身的機制。別忘了,這些機制確保系統的一致性與穩定性。

5.4.2. 移除套件

Invoking dpkg with the -r or --remove option, followed by the name of a package, removes that package. This removal is, however, not complete: all of the configuration files, maintainer scripts, log files (system logs) and other user data handled by the package remain. That way disabling the program is easily done by uninstalling it, and it is still possible to quickly reinstall it with the same configuration. To completely remove everything associated with a package, use the -P or --purge option, followed by the package name.

範例 5.4. 移除與清除 debian-cd 套件

# dpkg -r debian-cd
(Reading database ... 15915 files and directories currently installed.)
Removing debian-cd (3.1.25) ...
# dpkg -P debian-cd
(Reading database ... 15394 files and directories currently installed.)
Purging configuration files for debian-cd (3.1.25) ...

5.4.3. 查詢 dpkg 的資料庫與檢查 .deb 檔案

做結論前,我們將學習查詢內部資料庫以獲取資訊的 dpkg 選項。先給長版的選項再給對應的短版選項 (其參數是一樣的) 以 --listfiles 套件 (或 -L) 為例,列出該套件安裝的檔案清單;--search 檔案 (或 -S),尋找包括該檔案的套性;--status 套件 (或 -s),顯示該套件的標頭;--list (或 -l),顯示該系統內套件清單與安裝狀態;--contents file.deb (或 -c),列出 Debian 指定套件清單;--info file.deb (或 -I),列出該套件的標頭。

範例 5.5. dpkg 的各種查詢

$ dpkg -L base-passwd
/.
/usr
/usr/sbin
/usr/sbin/update-passwd
/usr/share
/usr/share/base-passwd
/usr/share/base-passwd/group.master
/usr/share/base-passwd/passwd.master
/usr/share/doc
/usr/share/doc/base-passwd
/usr/share/doc/base-passwd/README
/usr/share/doc/base-passwd/changelog.gz
/usr/share/doc/base-passwd/copyright
/usr/share/doc/base-passwd/users-and-groups.html
/usr/share/doc/base-passwd/users-and-groups.txt.gz
/usr/share/doc-base
/usr/share/doc-base/users-and-groups
/usr/share/lintian
/usr/share/lintian/overrides
/usr/share/lintian/overrides/base-passwd
/usr/share/man
/usr/share/man/de
/usr/share/man/de/man8
/usr/share/man/de/man8/update-passwd.8.gz
/usr/share/man/es
/usr/share/man/es/man8
/usr/share/man/es/man8/update-passwd.8.gz
/usr/share/man/fr
/usr/share/man/fr/man8
/usr/share/man/fr/man8/update-passwd.8.gz
/usr/share/man/ja
/usr/share/man/ja/man8
/usr/share/man/ja/man8/update-passwd.8.gz
/usr/share/man/man8
/usr/share/man/man8/update-passwd.8.gz
/usr/share/man/pl
/usr/share/man/pl/man8
/usr/share/man/pl/man8/update-passwd.8.gz
/usr/share/man/ru
/usr/share/man/ru/man8
/usr/share/man/ru/man8/update-passwd.8.gz
$ dpkg -S /bin/date
coreutils: /bin/date
$ dpkg -s coreutils
Package: coreutils
Essential: yes
Status: install ok installed
Priority: required
Section: utils
Installed-Size: 15719
Maintainer: Michael Stone <mstone@debian.org>
Architecture: amd64
Multi-Arch: foreign
Version: 8.30-3
Pre-Depends: libacl1 (>= 2.2.23), libattr1 (>= 1:2.4.44), libc6 (>= 2.28), libselinux1 (>= 2.1.13)
Description: GNU core utilities
 This package contains the basic file, shell and text manipulation
 utilities which are expected to exist on every operating system.
 .
 Specifically, this package includes:
 arch base64 basename cat chcon chgrp chmod chown chroot cksum comm cp
 csplit cut date dd df dir dircolors dirname du echo env expand expr
 factor false flock fmt fold groups head hostid id install join link ln
 logname ls md5sum mkdir mkfifo mknod mktemp mv nice nl nohup nproc numfmt
 od paste pathchk pinky pr printenv printf ptx pwd readlink realpath rm
 rmdir runcon sha*sum seq shred sleep sort split stat stty sum sync tac
 tail tee test timeout touch tr true truncate tsort tty uname unexpand
 uniq unlink users vdir wc who whoami yes
Homepage: http://gnu.org/software/coreutils
$ dpkg -l 'b*'
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                       Version              Architecture Description
+++-====================-===============-===============-==================================================
un  backupninja          <none>          <none>          (no description available)
un  backuppc             <none>          <none>          (no description available)
un  baobab               <none>          <node>          (no description available)
un  base                 <none>          <none>          (no description available)
un  base-config          <none>          <none>          (no description available)
ii  base-files           11              amd64           Debian base system miscellaneous files
ii  base-passwd          3.5.46          amd64           Debian base system master password and group files
ii  bash                 5.0-4           amd64           GNU Bourne Again SHell
[..]
$ dpkg -c /var/cache/apt/archives/gnupg-utils_2.2.12-1_amd64.deb
drwxr-xr-x root/root         0 2018-12-15 02:17 ./
drwxr-xr-x root/root         0 2018-12-15 02:17 ./usr/
drwxr-xr-x root/root         0 2018-12-15 02:17 ./usr/bin/
-rwxr-xr-x root/root      3516 2018-12-15 02:17 ./usr/bin/gpg-zip
-rwxr-xr-x root/root    866256 2018-12-15 02:17 ./usr/bin/gpgcompose
-rwxr-xr-x root/root     30792 2018-12-15 02:17 ./usr/bin/gpgparsemail
-rwxr-xr-x root/root     84432 2018-12-15 02:17 ./usr/bin/gpgsplit
-rwxr-xr-x root/root    154952 2018-12-15 02:17 ./usr/bin/gpgtar
-rwxr-xr-x root/root    166568 2018-12-15 02:17 ./usr/bin/kbxutil
-rwxr-xr-x root/root      1081 2017-08-28 12:22 ./usr/bin/lspgpot
-rwxr-xr-x root/root      2194 2018-11-18 23:37 ./usr/bin/migrate-pubring-from-classic-gpg
-rwxr-xr-x root/root    121576 2018-12-15 02:17 ./usr/bin/symcryptrun
-rwxr-xr-x root/root     18424 2018-12-15 02:17 ./usr/bin/watchgnupg
drwxr-xr-x root/root         0 2018-12-15 02:17 ./usr/sbin/
-rwxr-xr-x root/root      3075 2018-12-15 02:17 ./usr/sbin/addgnupghome
-rwxr-xr-x root/root      2217 2018-12-15 02:17 ./usr/sbin/applygnupgdefaults
drwxr-xr-x root/root         0 2018-12-15 02:17 ./usr/share/
drwxr-xr-x root/root         0 2018-12-15 02:17 ./usr/share/doc/
[...]
$ dpkg -I /var/cache/apt/archives/gnupg-utils_2.2.12-1_amd64.deb
 new Debian package, version 2.0.
 size 857408 bytes: control archive=1844 bytes.
    1564 bytes,    32 lines      control              
    1804 bytes,    28 lines      md5sums              
 Package: gnupg-utils
 Source: gnupg2
 Version: 2.2.12-1
 Architecture: amd64
 Maintainer: Debian GnuPG Maintainers <pkg-gnupg-maint@lists.alioth.debian.org>
 Installed-Size: 1845
 Depends: libassuan0 (>= 2.0.1), libbz2-1.0, libc6 (>= 2.25), libgcrypt20 (>= 1.8.0), libgpg-error0 (>= 1.26-2~), libksba8 (>= 1.3.4), libreadline7 (>= 6.0), zlib1g (>= 1:1.1.4)
 Recommends: gpg, gpg-agent, gpgconf, gpgsm
 Breaks: gnupg (<< 2.1.21-4), gnupg-agent (<< 2.1.21-4)
 Replaces: gnupg (<< 2.1.21-4), gnupg-agent (<< 2.1.21-4)
 Section: utils
 Priority: optional
 Multi-Arch: foreign
 Homepage: https://www.gnupg.org/
 Description: GNU privacy guard - utility programs
  GnuPG is GNU's tool for secure communication and data storage.
  .
  This package contains several useful utilities for manipulating
  OpenPGP data and other related cryptographic elements.  It includes:
  .
   * addgnupghome -- create .gnupg home directories
   * applygnupgdefaults -- run gpgconf --apply-defaults for all users
   * gpgcompose -- an experimental tool for constructing arbitrary
                   sequences of OpenPGP packets (e.g. for testing)
   * gpgparsemail -- parse an e-mail message into annotated format
   * gpgsplit -- split a sequence of OpenPGP packets into files
   * gpgtar -- encrypt or sign files in an archive
   * kbxutil -- list, export, import Keybox data
   * lspgpot -- convert PGP ownertrust values to GnuPG
   * migrate-pubring-from-classic-gpg -- use only "modern" formats
   * symcryptrun -- use simple symmetric encryption tool in GnuPG framework
   * watchgnupg -- watch socket-based logs
[..]

5.4.4. dpkg 的日誌檔

dpkg 把所有的交易記錄存在名為 /var/log/dpkg.log 的日誌檔。這個日誌檔的內容頗為詳盡且囉唆,記錄套件被 dpkg 處理的每個程序。追蹤 dpkg 的每個作為之外,日誌檔還保留系統發展的記錄:可以覆查每個套件的安裝與移除步驟,對於瞭解最近的變動極有幫助。此外,還記錄所有的版本,可以交互檢查 changelog.Debian.gz 的內容,查看有問題的套件或線上的錯誤報告。

5.4.5. 多架構支援

Debian 套件在其控制資訊內有個 Architecture 欄位。其內容為 “all” (表示該套件不受架構限制) 或指出其適用的架構 (如 “amd64”、“armhf”、…)。以後例而言,主機的架構符合後,dpkg 才開始安裝該套件,並送回 dpkg --print-architecture
此限制確保使用者不會用到不合其架構的執行檔。除了可以執行多個架構的電腦之外,不論在地的 ( “amd64“ 系統可執行 “i386” 執行檔) 或虛擬的電腦都可找到適用的套件。

5.4.5.1. 啟用多架構

dpkg 的多架構支授允許使用者限制 “怪異的架構” 安裝在現行的系統上。以下例的 dpkg --add-architecture 就能做到。有個對應的 dpkg --remove-architecture 指令可以除去怪異的架構,不過祗發生於無套件可用時。
# dpkg --print-architecture
amd64
# dpkg --print-foreign-architectures
# dpkg -i gcc-8-base_8.3.0-6_armhf.deb
dpkg: error processing archive gcc-8-base_8.3.0-6_armhf.deb (--install):
 package architecture (armhf) does not match system (amd64)
Errors were encountered while processing:
 gcc-8-base_8.3.0-6_armhf.deb
# dpkg --add-architecture armhf
# dpkg --add-architecture armel
# dpkg --print-foreign-architectures
armhf
armel
# dpkg -i gcc-8-base_8.3.0-6_armhf.deb
(Reading database ... 14319 files and directories currently installed.)
Preparing to unpack gcc-8-base_8.3.0-6_armhf.deb ...
Unpacking gcc-8-base:armhf (8.3.0-6) ...
Setting up gcc-8-base:armhf (8.3.0-6) ...
# dpkg --remove-architecture armhf
dpkg: error: cannot remove architecture 'armhf' currently in use by the database
# dpkg --remove-architecture armel
# dpkg --print-foreign-architectures
armhf

5.4.5.2. 多架構相關的改變

To make multi-arch actually useful and usable, libraries had to be repackaged and moved to an architecture-specific directory so that multiple copies (targeting different architectures) can be installed alongside. Such updated packages contain the “Multi-Arch: same” header field to tell the packaging system that the various architectures of the package can be safely co-installed (and that those packages can only satisfy dependencies of packages of the same architecture). The most important libraries have been converted since the introduction of multi-arch in Debian 7 Wheezy, but there are many libraries that will likely never be converted unless someone specifically requests it (through a bug report for example).
$ dpkg -s gcc-8-base
dpkg-query: error: --status needs a valid package name but 'gcc-8-base' is not: ambiguous package name 'gcc-8-base' with more than one installed instance

Use --help for help about querying packages.
$ dpkg -s gcc-8-base:amd64 gcc-8-base:armhf | grep ^Multi
Multi-Arch: same
Multi-Arch: same
$ dpkg -L libgcc1:amd64 |grep .so
/lib/x86_64-linux-gnu/libgcc_s.so.1
$ dpkg -S /usr/share/doc/gcc-8-base/copyright
gcc-8-base:amd64, gcc-8-base:armhf: /usr/share/doc/gcc-8-base/copyright
Multi-Arch: same 套件的名稱必須符合其架構才能被明確的指認出來。也可能以相同的套件在其他情況下共享檔案;共享時,dpkg 確認所有套件的每個位元都相同。最後但不是最不重要,套件的所有實例必須使用相同的版本。也必須一起更新。
多架構支援帶來處理相依性的有趣挑戰。滿足相依性的套件標示為 “Multi-Arch: foreign” 或宣告其匹配架構的相依性 (在這種相依性解決過程中,假設架構獨立的套件與主機不同)。相依性可能被弱化以允許納入其他架構,以 套件:any 語法,但怪異套件祗需滿足一個相依性,如果標示為 “Multi-Arch: allowed”。