Deb (file format)

Last updated
Debian package
Application-x-deb.svg
The GNOME icon for deb files.
(Showing the Debian logo on a package)
Filename extension
.deb, .udeb
Internet media type
application/vnd.debian.binary-package [1]
Developed by Debian
Type of format Package management system
Container for Software package
Extended from ar archive, tarball
Website deb format specification

deb is the format, as well as extension of the software package format for the Debian Linux distribution and its derivatives.

Contents

Design

GDebi installing a .deb package Gdebi.png
GDebi installing a .deb package

Debian packages are standard Unix ar archives that include two tar archives. One archive holds the control information and another contains the installable data. [2]

dpkg provides the basic functionality for installing and manipulating Debian packages. Generally end users don't manage packages directly with dpkg but instead use the APT package management software or other APT front-ends such as aptitude (nCurses) and synaptic (GTK). [3]

Debian packages can be converted into other package formats and vice versa using alien, and created from source code using checkinstall or the Debian Package Maker. [4]

Some core Debian packages are available as udebs ("micro debs"), and are typically used only for bootstrapping a Debian installation. Although these files use the udeb filename extension, they adhere to the same structure specification as ordinary deb files. However, unlike their deb counterparts, udeb packages contain only essential functional files. [5] In particular, documentation files are normally omitted. udeb packages are not installable on a standard Debian system, but are used in Debian-Installer.

Implementation

Diagram showing an example file structure of a .deb file Deb File Structure.svg
Diagram showing an example file structure of a .deb file
Frhed hex editor displaying the raw data of a Debian package. Frhed hex editor displaying deb package.png
Frhed hex editor displaying the raw data of a Debian package.

Prior to Debian 0.93, a package consisted of a file header and two concatenated gzip archives. [6] Since Debian 0.93, a deb package is implemented as an ar archive. [7] This archive contains three files in a specific order: [8] [9]

  1. debian-binary - A text file named debian-binary containing a single line giving the package format version number. (2.0 for current versions of Debian). [9]
  2. control archive - A tar archive named control.tar contains the maintainer scripts and the package meta-information (package name, version, dependencies and maintainer). Compressing the archive with gzip or xz and zstd is supported. The file extension changes to indicate the compression method. [9] [2]
  3. data archive - A tar archive named data.tar contains the actual installable files. Compressing the archive with gzip, bzip2, lzma or xz and zstd is supported. The file extension changes to indicate the compression method. [9] [2]

Control archive

The control archive contents can include the following files:

Signed packages

Debian-based distributions support OpenPGP signature verification of signed Debian packages, but most (if not all) have this feature disabled by default. [20] Instead packages are verified by signing the repository metadata (i.e. Release files). The metadata files in turn include checksums for the repository files as a means to verify authenticity of the files. [21] [22] Currently there are two different implementations for signing individual packages. The first is done via the debsigs / debsig-verify toolset, which is supported by dpkg. [20] [23] The second is done through the dpkg-sig program which is not supported by dpkg, so the packages have to be manually checked with the dpkg-sig program. [20] [24] [25] [26] Both formats add new sections to the ar archive to store the signature information, but the formats are not compatible with one another. [20] Neither of the modifications to the package format are listed in the official Debian handbook or man page about the binary package format. [27] [8]

Adoption

See also

Related Research Articles

<span class="mw-page-title-main">Debian</span> Linux distribution based on free and open-source software

Debian, also known as Debian GNU/Linux, is a Linux distribution composed of free and open-source software, developed by the community-supported Debian Project, which was established by Ian Murdock on August 16, 1993. The first version of Debian (0.01) was released on September 15, 1993, and its first stable version (1.1) was released on June 17, 1996. The Debian Stable branch is the most popular edition for personal computers and servers. Debian is also the basis for many other distributions, most notably Ubuntu.

<span class="mw-page-title-main">Package manager</span> Software tools for handling software packages

A package manager or package-management system is a collection of software tools that automates the process of installing, upgrading, configuring, and removing computer programs for a computer in a consistent manner.

<span class="mw-page-title-main">APT (software)</span> Free software package management system

Advanced package tool, or APT, is a free-software user interface that works with core libraries to handle the installation and removal of software on Debian, and Debian-based Linux distributions. APT simplifies the process of managing software on Unix-like computer systems by automating the retrieval, configuration and installation of software packages, either from precompiled files or by compiling source code.

dpkg is the software at the base of the package management system in the free operating system Debian and its numerous derivatives. dpkg is used to install, remove, and provide information about .deb packages.

<span class="mw-page-title-main">Fink (software)</span> Project to port and package open-source Unix software to macOS

The Fink project is an effort to port and package open-source Unix programs to macOS. Fink uses dpkg and APT, as well as its own frontend program, fink.

<span class="mw-page-title-main">Portage (software)</span> Gentoo package management system

Portage is a package management system originally created for and used by Gentoo Linux and also by ChromeOS, Calculate, Sabayon, and Funtoo Linux among others. Portage is based on the concept of ports collections. Gentoo is sometimes referred to as a meta-distribution due to the extreme flexibility of Portage, which makes it operating-system-independent. The Gentoo/Alt project was concerned with using Portage to manage other operating systems, such as BSDs, macOS and Solaris. The most notable of these implementations is the Gentoo/FreeBSD project.

Wajig is a simplified wrapper to Debian's package management system dpkg/APT. Wajig provides the functionality of apt-get, dpkg, dpkg-deb, apt-cache and other tools. These tools launch as a subprocess. Wajig also provides extra functionality beyond that of the stock apt and dpkg tools. For example, the command wajig sizes provides a listing of all installed packages and the amount of disk space they require, from smallest to largest.

The following tables compare general and technical information for a number of file archivers. Please see the individual products' articles for further information. They are neither all-inclusive nor are some entries necessarily up to date. Unless otherwise specified in the footnotes section, comparisons are based on the stable versions—without add-ons, extensions or external programs.

Alien is a computer program that converts between different Linux package formats, created by Joey Hess and presently maintained by Kyle Barry.

<span class="mw-page-title-main">PeaZip</span> File archive computer program

PeaZip is a free and open-source file manager and file archiver for Microsoft Windows, ReactOS, Linux, MacOS and BSD made by Giorgio Tani. It supports its native PEA archive format and other mainstream formats, with special focus on handling open formats. It supports 226 file extensions.

A software repository, or repo for short, is a storage location for software packages. Often a table of contents is also stored, along with metadata. A software repository is typically managed by source control or repository managers. Package managers allow automatically installing and updating repositories.

The Debian build toolchain is a collection of software utilities used to create Debian source packages (.dsc) and Debian binary packages from upstream source tarballs.

<span class="mw-page-title-main">RPM Package Manager</span> Package management system

RPM Package Manager (RPM) is a free and open-source package management system. The name RPM refers to the .rpm file format and the package manager program itself. RPM was intended primarily for Linux distributions; the file format is the baseline package format of the Linux Standard Base.

XZ Utils is a set of free software command-line lossless data compressors, including the programs lzma and xz, for Unix-like operating systems and, from version 5.0 onwards, Microsoft Windows. For compression/decompression the Lempel–Ziv–Markov chain algorithm (LZMA) is used. XZ Utils started as a Unix port of Igor Pavlov's LZMA-SDK that has been adapted to fit seamlessly into Unix environments and their usual structure and behavior.

<span class="mw-page-title-main">Linux-libre</span> Version of the Linux kernel without proprietary code

Linux-libre is a modified version of the Linux kernel that contains no binary blobs, obfuscated code, or code released under proprietary licenses. In the Linux kernel, they are mostly used for proprietary firmware images. While generally redistributable, binary blobs do not give the user the freedom to audit, modify, or, consequently, redistribute their modified versions. The GNU Project keeps Linux-libre in synchronization with the mainline Linux kernel.

illumos Free software implementation of the Solaris kernel

Illumos is a partly free and open-source Unix operating system. It is based on OpenSolaris, which was based on System V Release 4 (SVR4) and the Berkeley Software Distribution (BSD). Illumos comprises a kernel, device drivers, system libraries, and utility software for system administration. This core is now the base for many different open-sourced illumos distributions, in a similar way in which the Linux kernel is used in different Linux distributions.

lzip Data compression utility

lzip is a free, command-line tool for the compression of data; it employs the Lempel–Ziv–Markov chain algorithm (LZMA) with a user interface that is familiar to users of usual Unix compression tools, such as gzip and bzip2.

A delta update is a software update that only requires the user to download those parts of the software's code which are new, or have been changed from their previous state, in contrast to having to download the entire program. The use of delta updates can save significant amounts of time and computing bandwidth. The name delta derives from the mathematical science use of the Greek letter delta, Δ or δ to denote change.

References

  1. "Media Type Registration for vnd.debian.binary-package". Internet Assigned Numbers Authority . Retrieved 21 May 2014.
  2. 1 2 3 Raphaël Hertzog (17 Sep 2010). "How to create Debian packages with alternative compression methods". raphaelhertzog.com. Retrieved 26 Aug 2016.
  3. "Debian Courses/Maintaining Packages/Packages Management". debian.org. 31 Oct 2010. Retrieved 26 Aug 2016.
  4. "Overview of Debian Maintainer Tools / Alien". debian.org. n.d. Retrieved 26 Aug 2016.
  5. "Chapter 3. D-I components or udebs". debian.org. n.d. Archived from the original on 3 December 2011. Retrieved 26 Aug 2016.
  6. "deb-old(5) man page: Debian old binary package format". manpages.debian.org. Retrieved 2017-04-23.
  7. Lucas Nussbaum (16 Oct 2014). "Debian Packaging Tutorial" (PDF). debian.org. Retrieved 26 Aug 2016.
  8. 1 2 "deb(5) man page: Debian binary package format". manpages.debian.org. Retrieved 2017-04-23.
  9. 1 2 3 4 "Debian Binary Package Building HOWTO/3. Package Structure". tldp.org. n.d. Retrieved 26 Aug 2016.
  10. "deb-control(5) man page: Debian packages' master control file format". manpages.debian.org. Retrieved 2017-04-23.
  11. "Debian Policy Manual Chapter 5 - Control files and their fields". debian.org. 30 Mar 2016. Retrieved 26 Aug 2016.
  12. Josip Rodin and Osamu Aoki (9 Jun 2015). "Debian New Maintainers' Guide - Ch4 Required files under the debian directory". debian.org. Retrieved 26 Aug 2016.
  13. "Debian Policy Manual Ch7 - Declaring relationships between packages". debian.org. 30 Mar 2016. Retrieved 26 Aug 2016.
  14. "The Debian Administrator's Handbook - Package Meta-Information". debian-handbook.info. n.d. Retrieved 26 Aug 2016.
  15. 1 2 "Chapter 7. Basics of the Debian package management system". debian.org. 12 August 2019. Retrieved 27 May 2021.
  16. "Debian Maintainer Scripts". debian.org. 11 Oct 2012. Retrieved 26 Aug 2016.
  17. Joey Hess (n.d.). "The Debconf Programmer's Tutorial - The Config Script". fifi.org. Retrieved 26 Aug 2016.
  18. "dpkg-shlibdeps(1) man page". manpages.debian.org. Retrieved 2017-04-23.
  19. "Debian Policy - 8.6 Dependencies between the library and other packages". debian.org. 30 Mar 2016. Retrieved 26 Aug 2016.
  20. 1 2 3 4 Joe Damato (28 Oct 2014). "HOWTO: GPG sign and verify deb packages and APT repositories". packagecloud.io. Retrieved 26 Aug 2016.
  21. "APT repository internals". packagecloud.io. 4 Aug 2015. Retrieved 26 Aug 2016.
  22. "SecureApt - All about secure apt". debian.org. 22 Sep 2015. Retrieved 26 Aug 2016.
  23. "debsig-verify(1) man page". manpages.debian.org. Retrieved 2017-04-23.
  24. "debsigs(1) man page". manpages.debian.org. Retrieved 2017-04-23.
  25. Andreas Barth (29 Dec 2003). "Integrating signatures into Debian archive files". turmzimmer.net. Archived from the original on 2006-02-22. Retrieved 29 Dec 2003.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  26. "policy for debsigs". turmzimmer.net. 1 Feb 2004. Archived from the original on 2006-07-14. Retrieved 1 Feb 2004.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  27. "The Debian Administrator's Handbook - Ch5. Packaging System: Tools and Fundamental Principles". debian.org. n.d. Retrieved 26 Aug 2016.
  28. "Fink FAQ - General Questions". finkproject.org. 6 Jun 2015. Retrieved 26 Aug 2016.
  29. "Fink FAQ - Installing, Using and Maintaining Fink". finkproject.org. 6 Jun 2015. Retrieved 26 Aug 2016.
  30. Jay Freeman (n.d.). "Bringing Debian APT to the iPhone". saurik.com. Retrieved 26 Aug 2016.
  31. Erica Sadun (28 Feb 2008). "Debian-style installation arrives on iPhone". engadget.com. Retrieved 26 Aug 2016.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.