====== General Information ====== ===== What are the packages we make ? ===== We package different software into easy-installable RPM package aiming at an easy software installation and de-installation. Primarily we package software that is either not found in the distribution at all or only in an older version. ===== Can I trust your packages ? ===== I've heard that binary packages lead to a bunch of troubles. Is installing your packages safe? ===== Before you install a package you can examine it for hidden troubles or clever tricks. # rpm -qpil --changelog --scripts packagename.rpm | less Now you can see who built the package, what changed since the last release, which files will be installed on your system and which scripts will be run before or after the installation. Furthermore all our packages are signed, so that you can see who built the package, whether it was downloaded completely or maliciously altered. You can do this in a few different ways: you should have installed GnuPG (starting from version 1.x) or PGP (starting from version 5.x) (PGP version 2.x does not function!) GNU Privacy Guard homepage: http://www.gnupg.org Pretty Good Privacy homepage: http://www.pgpi.net First you need the public key of the packager: In case of GnuPG: $ lynx --dump ftp://ftp.links2linux.de/pub/packman/public-keys.asc |gpg --import Or download and import the file ftp://ftp.links2linux.de/pub/packman/public-keys.asc $ gpg --import public-keys.asc In case of PGP: $ lynx --dump ftp://ftp.links2linux.de/pub/packman/public-keys.asc | pgp -fka Or download the file ftp://ftp.links2linux.de/pub/packman/public-keys.asc and import as follows: $ pgp -ka public-keys.asc With RPM and GNU Privacy Guard: First you have to import the Packman key into the RPM database: $ rpm --import public-keys.asc Then you must create a file called .rpmmacros (as a user) with the following contents: $ vi ~/.rpmmacros %_signature gpg %_gpg_name Waldemar Brodkorb (Linux rulez!) %_gpg_path /home/waldemar/.gnupg/ %_gpg_bin /usr/bin/gpg of course adapted to your data. : -) Now you can check the packages before installing: $ rpm -vK packagename.rpm ==== problems with apt ==== I've got problems importing the keys with // rpm --import // on Suse 10.0. //apt-get// refused to install the packages due to missing signatures. $ apt-get upgrade … Checking GPG of signatures… Unknown signature /var/cache/apt/archives/alsa_1.0.13-0.pm.0_i586.rpm: (SHA1) DSA sha1 md5 (GPG) EMERGENCY of OK ONE (MISSING KEY: GPG#5277a2fa) … E: Error (s) while checking package signatures: 0 unsigned package (s) 9 package (s) with unknown signatures 0 package (s) with illegally/corrupted signatures E: Handler silently failed An import of the public keys like described above did not work: $ RPM - qa gpg-pubkey* > ~/gpg-pubkey1 $ RPM --import ftp://ftp.links2linux.de/pub/packman/public-keys.asc $ RPM - qa gpg-pubkey* > ~/gpg-pubkey2 $ diff - u ~/gpg pubkey? -- /root/gpg-pubkey1 2006-10-20 17:44: 57.000000000 +0200 +++ /root/gpg-pubkey2 2006-10-20 17:45: 44.000000000 +0200 @@ -1.5 +1.6 @@ gpg-pubkey-15c17deb-3f9e80c9 gpg-pubkey-3d25d3d9-36e12d04 gpg-pubkey-9c800aca-40d8063e +gpg-pubkey-ddaf6454-3777ac55 gpg-pubkey-0dfb3188-41ed929b gpg-pubkey-ddaf6454-3777ac55 Apparently RPM has a problem with the import of multiple keys from a single file and only the first public key gets imported. Therefore I installed the //rpmkey-packman// package, which contains all author keys as individual files: $ rpm - i ftp://ftp.gwdg.de/pub/linux/suse/apt/SuSE/10.0-i386/RPMS.rpmkeys/rpmkey-packman-0.3.2-0.pm.1.noarch.rpm warning: /var/tmp/rpm-xfer.G9W6RC: V3 DSA signature: NOKEY, key ID 5277a2fa $ rpm - ql rpmkey-packman /etc/yum.repos.d/packman.repo /usr/lib/rpm/gnupg/packman-andsch.asc /usr/lib/rpm/gnupg/packman-andsch_alt.asc /usr/lib/rpm/gnupg/packman-bwalle.asc /usr/lib/rpm/gnupg/packman-chrhae.asc /usr/lib/rpm/gnupg/packman-detrei.asc /usr/lib/rpm/gnupg/packman-henmuh.asc /usr/lib/rpm/gnupg/pack man-henvol.asc /usr/lib/rpm/gnupg/packman-henvol_alt.asc /usr/lib/rpm/gnupg/packman-hergra.asc /usr/lib/rpm/gnupg/packman-hergra_alt.asc /usr/lib/rpm/gnupg/packman-konmal.asc /usr/lib/rpm/gnupg/packman-leofre.asc /usr/lib/rpm/gnupg/packman-leofre_alt.asc /usr/lib/rpm/gnupg/packman-leofre_alt2.asc /usr/lib/rpm/gnupg/packman-mantre.asc /usr/lib/rpm/gnupg/packman-marhue.asc /usr/lib/rpm/gnupg/packman-marsch.asc /usr/lib/rpm/gnupg/packman-oliben.asc /usr/lib/rpm/gnupg/packman-pasble.asc /usr/lib/rpm/gnupg/packman-pasble_alt.asc /usr/lib/rpm/gnupg/packman-queden.asc /usr/lib/rpm/gnupg/packman-railay.asc /usr/lib/rpm/gnupg/packman-railay_alt.asc /usr/lib/rpm/gnupg/packman-ralcor.asc /usr/lib/rpm/gnupg/packman-robrak.asc /usr/lib/rpm/gnupg/packman-thomue.asc /usr/lib/rpm/gnupg/packman-tongra.asc That is not sufficient however, the asc files still have to be manually imported: //(someone please check if it is still the case// $ rpm -ql rpmkey-packman | grep asc | xargs rpm --import Now RPM is aware of all the keys: $ rpm -qa gpg-pubkey* > ~/gpg-pubkey3 $ diff -u ~/gpg-pubkey{1,3} --- /root/gpg-pubkey1 2006-10-20 17:44:57.000000000 +0200 +++ /root/gpg-pubkey3 2006-10-20 17:55:29.000000000 +0200 @@ -1,5 +1,33 @@ +gpg-pubkey-5f6842a4-40b09936 +gpg-pubkey-f9558872-430f586f +gpg-pubkey-8ff214b4-3afa5d46 gpg-pubkey-15c17deb-3f9e80c9 +gpg-pubkey-3ab2ce5e-41a4c011 +gpg-pubkey-f2c6a54e-43d171bc +gpg-pubkey-27db6f5b-4140d446 gpg-pubkey-3d25d3d9-36e12d04 +gpg-pubkey-f33e3fc6-443ed5fc +gpg-pubkey-7fdcef8b-3da540d4 +gpg-pubkey-1be4d89e-434835df +gpg-pubkey-4efd697e-4453afce +gpg-pubkey-a16ea024-4374cbc5 +gpg-pubkey-807235a8-3e26a1bc +gpg-pubkey-95702b3b-3c6a5ee4 gpg-pubkey-9c800aca-40d8063e +gpg-pubkey-ddaf6454-3777ac55 +gpg-pubkey-ddaf6454-3a577225 +gpg-pubkey-03775059-3f045e14 +gpg-pubkey-08a568c6-3be86b1b +gpg-pubkey-5277a2fa-40bf6e67 +gpg-pubkey-58857177-3d946b70 +gpg-pubkey-cd3140cd-3d468b40 +gpg-pubkey-1dfa8f0c-41540ae2 gpg-pubkey-0dfb3188-41ed929b gpg-pubkey-ddaf6454-3777ac55 +gpg-pubkey-cddd4d64-450c55e0 +gpg-pubkey-4efd697e-4453aa9e +gpg-pubkey-58857177-3fbba87b +gpg-pubkey-f4500075-43fde72f +gpg-pubkey-dcb8fafe-3eca9611 +gpg-pubkey-35a64134-3a57e000 +gpg-pubkey-42d5f51f-2f05e27b Solution: you have to run the install command as follows: //apt install rpmkey-*//. Only the //apt// wrapper script imports the keys into the rpm database! ===== Where do I find other RPMs for SuSE? ===== Some projects build RPMs for SuSE on their own, so the first place to look for the packages is the project site. Other useful sources are: http://software.opensuse.org/search openSUSE Buildservice - current packages, with search interfaces and Benji Weber's One Click Install http://www.mathematik.uni-wuerzburg.de/~vaeth/specs/ some.spec files, from that RPMs can be built, and a few RPMs ====== Software installation, updates, deinstallation ====== ===== How do I install the software packages? ===== There are three possibilities: over YaST, manually or over apt4rpm. ==== YaST ==== The YaST way is the simplest one. What you have to do is to add the Packman repository in YaST. Once you have done that, you may search for Packman packages in YaST //Install and Remove Software// interface and benefit from the automatic dependency resolution. This method is the recommended method for all users. [[Image:Repo.png|A screenshot of the Add Repository window in YaST]] To add the Packman repository as a package, go to YaST->Software repositories, and then add a mirror from the list ftp://packman.links2linux.de/pub/packman/MIRRORS as a server and suse/10.3 as a directory (change the number to your SuSE version) Or if you use zypper (the command-line software installer in openSUSE 10.2 and newer), run $ zypper ar http:///suse/10.3 Packman as root. ==== Manual installation ==== You have to download the packages on your own, and you have no automatic dependency resolution. For larger files a download manager is recommended, e.g. wget. $ wget -nH -nd -c "address" Then you can install the package as root into your system. $ rpm -Uvh package1.rpm package2.rpm… Please make sure that you downloaded all the dependencies and are installing them with a single //rpm -Uvh// call, otherwise rpm will complain. ===== How do I update the software packages? ===== This depends on whether you install packages over YaST, manually or over apt4rpm. ==== YaST ==== For the updates to work, the Packman entry must be activated in the //Software Repositories// screen and updated, either by enabling the automatic update (on by default) or updating manually. After that, if a new package exists, it will show in blue in the //Software management// screen, if a newer version is installed than is available in the repositories, it will be shown in red. ==== Manually ==== Run a //rpm -Uvh// command over manually downloaded RPMs, as described in the manual installation section. ===== How can I be informed about new or updated packages? ===== There are several possibilities: * On the Packman main page http://packman.links2linux.de/ updated and new packages are listed * There is a news feed (RDF) found here: http://packman.links2linux.de/rdf/packman_de.rdf. * You can look for updates in YaST //Software management// interface, the packages with a newer version will be showed in blue. ===== How do I deinstall the software packages? ===== Either from the YaST //Software management// interface, or by running the following as root: $ rpm -e packagename If you cannot find the exact package name, look for it with grep $ rpm -qa | grep -i word Or if you know a file that is certainly in the package: $ rpm -qf path/to/the/filename ===== What if I have troubles with a package? ===== Simply send an E-Mail with the exact error description to the Packman mailing list: packman  links2linux.de. If you do not know exactly which information about your system is needed? Point out at least your SUSE version and the package name and the version. ===== Why don't you build some of the devel RPMs anymore? ===== We still do, but they are named differently now. To prevent conflicts caused by different versions of the same library, as well to prevent forced installation of unneeded files, libraries packaged for Suse 10.3 must adhere to the new packaging policy (http://en.opensuse.org/Shared_Library_Packaging_Policy). Shortly explained: The package ktoblzcheck is now split into three different packages: - ktoblzcheck (the binaries, data files, etc.) - libktoblzcheckX (the shared library libktoblzcheck.so.X, if it is used by other programs) and - libktoblzcheck-devel (all headers and development files) So if another program needs libktoblzcheck.so.X, it will request just the libktoblzcheckX package as a dependency, and no more the ktoblzcheck package. ====== Building and taking packages apart by yourself ====== ===== What if a package is not available for my distribution? ===== Since for every package a source package (.src.rpm) is available, you can easily build a package for your distribution from a source package $ rpmbuild --rebuild package.src.rpm If all libraries and headers are already installed, a RPM will be built that can be installed with $ rpm -Uvh /usr/src/packages/RPMS/i386/paketname.rpm If there are missing packages necessary for the build, RPM will inform you about the missing dependencies. You should take into consideration, that software built on a newer distribution may not be executable on an older one. ===== What do I do if a package is missing a feature or a patch? ===== Again, as source RPMs are available for every package, you can build the package yourself. First extract the source RPM: $ rpm -i package.src.rpm You find the SPEC files under /usr/src/packages/SPECS/, and the source tarball in /usr/src/packages/SOURCES/ The .spec file contains all information for building a package from source, such as what commands are to be executed during the installation, where do what files reside after the installation, the compile options etc. Then edit the .spec file and rebuild the RPM with $ rpmbuild -bb paketname.spec (A better solution would be to use the //build// script, that comes with the //build// package, since it provides (among many other useful features) build dependency resolution and downloading, and builds the package in a special chroot, which ensures that all the build dependencies and //only// them are installed) After that procedure a plain RPM will be built, which can be installed afterwards. You should also inform the packager (preferably via E-Mail) so that he knows that his package is missing a feature or is misconfigured. ===== How do I extract individual files from the RPMs/SRPMs ===== To show the list of the files contained in the RPM, run $ rpm2cpio package.rpm | cpio --list or $ rpm -qlp package.rpm After that you can extract individual files: $ rpm2cpio package.rpm | cpio --extract filename ===== Where do I find information about changes in the new package versions? ===== Changes related to the packaging are usually found in the changelog of the package, which can be viewed with: $ rpm -qp --changelog packagename.rpm Usually however the changes in the program itself are more interesting. These are usually found in a file called CHANGES or CHANGELOG, which is installed into under /usr/share/doc/packages//. The following command shows what other documentation does the package contain: $ rpm -qd packagename.rpm Beyond that the changes are to be usually found on the homepage of the program. The project homepage URL is usually at the Packman package overview site (http://packman.links2linux.org/package/). If the site reference is missing, then it is a good idea to look for the project homepage or the changelog link at Freshmeat.net, since almost every program is registered at Freshmeat. ===== Where do I find more information on building RPMs? ===== Maximum RPM: http://www.rpm.org/max-rpm/ (a must-read for every RPM builder) RPM HowTo: http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html_single/RPM-HOWTO.html RPM manpage: $ man rpm ====== I have an idea for a package ! ====== ===== I have an interesting package for Packman. Can I upload my package to your repository? ===== If your package is built with //rpmbuild// and not with //checkinstall//, send an E-mail to the Mailinglist packman  links2linux.de. Usually however we do **not** host externally-built RPMs, since all our RPMs are digitally signed and we have high quality claims on them. However someone from Packman team may take care of your RPM. In this case he will rebuild and upload it and possibly maintain it in the future. You are also free to become a member of our team and thus take care of your package by yourself. Read the next chapter on this! ===== Can I help with the project? ===== Yes, just let us know in freenode irc on #packman and we'll clarify everything. As a Packman member you'll have to be prepared to dedicate a fixed amount of your free time for package maintenance. Once built packages are usually maintained further on; as soon as there is a version of the software more current than available within SUSE repositories, it should be updated. You have to bring along a certain amount of knowledge about the RPMs, or at least the will to learn it (it's not that hard, really not) We have some scripts which help out with the RPM maintenance greatly, however they cannot substitute the human work. There are a few guidelines on RPM packaging you must adhere to. You must count with you also on increased a Internet Traffic, since you must download the current software-Versions, your SUSE system on the current conditions to hold and your packages to luggage one ftp to high-load must. Would be ideal, if you could build packages in each case for the current SUSE version and for the one before it. That means in addition, doubled care expenditure for your system!