We package different software into easy-installable RPM package aiming at an easy software installation and de-installation. Primarily we package software that is either not found in the distribution at all or only in an older version.
I've heard that binary packages lead to a bunch of troubles. Is installing your packages safe?
Before you install a package you can examine it for hidden troubles or clever tricks.
# rpm -qpil --changelog --scripts packagename.rpm | less
Now you can see who built the package, what changed since the last release, which files will be installed on your system and which scripts will be run before or after the installation.
Furthermore all our packages are signed, so that you can see who built the package, whether it was downloaded completely or maliciously altered.
You can do this in a few different ways: you should have installed GnuPG (starting from version 1.x) or PGP (starting from version 5.x)
(PGP version 2.x does not function!) GNU Privacy Guard homepage: http://www.gnupg.org Pretty Good Privacy homepage: http://www.pgpi.net
First you need the public key of the packager: In case of GnuPG:
$ lynx --dump ftp://ftp.links2linux.de/pub/packman/public-keys.asc |gpg --import
Or download and import the file ftp://ftp.links2linux.de/pub/packman/public-keys.asc
$ gpg --import public-keys.asc
In case of PGP:
$ lynx --dump ftp://ftp.links2linux.de/pub/packman/public-keys.asc | pgp -fka
Or download the file ftp://ftp.links2linux.de/pub/packman/public-keys.asc and import as follows:
$ pgp -ka public-keys.asc
With RPM and GNU Privacy Guard:
First you have to import the Packman key into the RPM database:
$ rpm --import public-keys.asc
Then you must create a file called .rpmmacros (as a user) with the following contents:
$ vi ~/.rpmmacros %_signature gpg %_gpg_name Waldemar Brodkorb (Linux rulez!) <brodkorb@onlinehome.de> %_gpg_path /home/waldemar/.gnupg/ %_gpg_bin /usr/bin/gpg
of course adapted to your data. : -)
Now you can check the packages before installing:
$ rpm -vK packagename.rpm
I've got problems importing the keys with rpm –import on Suse 10.0. apt-get refused to install the packages due to missing signatures.
$ apt-get upgrade … Checking GPG of signatures… Unknown signature /var/cache/apt/archives/alsa_1.0.13-0.pm.0_i586.rpm: (SHA1) DSA sha1 md5 (GPG) EMERGENCY of OK ONE (MISSING KEY: GPG#5277a2fa) … E: Error (s) while checking package signatures: 0 unsigned package (s) 9 package (s) with unknown signatures 0 package (s) with illegally/corrupted signatures E: Handler silently failed
An import of the public keys like described above did not work:
$ RPM - qa gpg-pubkey* > ~/gpg-pubkey1 $ RPM --import ftp://ftp.links2linux.de/pub/packman/public-keys.asc $ RPM - qa gpg-pubkey* > ~/gpg-pubkey2 $ diff - u ~/gpg pubkey? -- /root/gpg-pubkey1 2006-10-20 17:44: 57.000000000 +0200 +++ /root/gpg-pubkey2 2006-10-20 17:45: 44.000000000 +0200 @@ -1.5 +1.6 @@ gpg-pubkey-15c17deb-3f9e80c9 gpg-pubkey-3d25d3d9-36e12d04 gpg-pubkey-9c800aca-40d8063e +gpg-pubkey-ddaf6454-3777ac55 gpg-pubkey-0dfb3188-41ed929b gpg-pubkey-ddaf6454-3777ac55
Apparently RPM has a problem with the import of multiple keys from a single file and only the first public key gets imported. Therefore I installed the rpmkey-packman package, which contains all author keys as individual files:
$ rpm - i ftp://ftp.gwdg.de/pub/linux/suse/apt/SuSE/10.0-i386/RPMS.rpmkeys/rpmkey-packman-0.3.2-0.pm.1.noarch.rpm warning: /var/tmp/rpm-xfer.G9W6RC: V3 DSA signature: NOKEY, key ID 5277a2fa $ rpm - ql rpmkey-packman /etc/yum.repos.d/packman.repo /usr/lib/rpm/gnupg/packman-andsch.asc /usr/lib/rpm/gnupg/packman-andsch_alt.asc /usr/lib/rpm/gnupg/packman-bwalle.asc /usr/lib/rpm/gnupg/packman-chrhae.asc /usr/lib/rpm/gnupg/packman-detrei.asc /usr/lib/rpm/gnupg/packman-henmuh.asc /usr/lib/rpm/gnupg/pack man-henvol.asc /usr/lib/rpm/gnupg/packman-henvol_alt.asc /usr/lib/rpm/gnupg/packman-hergra.asc /usr/lib/rpm/gnupg/packman-hergra_alt.asc /usr/lib/rpm/gnupg/packman-konmal.asc /usr/lib/rpm/gnupg/packman-leofre.asc /usr/lib/rpm/gnupg/packman-leofre_alt.asc /usr/lib/rpm/gnupg/packman-leofre_alt2.asc /usr/lib/rpm/gnupg/packman-mantre.asc /usr/lib/rpm/gnupg/packman-marhue.asc /usr/lib/rpm/gnupg/packman-marsch.asc /usr/lib/rpm/gnupg/packman-oliben.asc /usr/lib/rpm/gnupg/packman-pasble.asc /usr/lib/rpm/gnupg/packman-pasble_alt.asc /usr/lib/rpm/gnupg/packman-queden.asc /usr/lib/rpm/gnupg/packman-railay.asc /usr/lib/rpm/gnupg/packman-railay_alt.asc /usr/lib/rpm/gnupg/packman-ralcor.asc /usr/lib/rpm/gnupg/packman-robrak.asc /usr/lib/rpm/gnupg/packman-thomue.asc /usr/lib/rpm/gnupg/packman-tongra.asc
That is not sufficient however, the asc files still have to be manually imported: (someone please check if it is still the case
$ rpm -ql rpmkey-packman | grep asc | xargs rpm --import
Now RPM is aware of all the keys:
$ rpm -qa gpg-pubkey* > ~/gpg-pubkey3
$ diff -u ~/gpg-pubkey{1,3}
--- /root/gpg-pubkey1 2006-10-20 17:44:57.000000000 +0200
+++ /root/gpg-pubkey3 2006-10-20 17:55:29.000000000 +0200
@@ -1,5 +1,33 @@
+gpg-pubkey-5f6842a4-40b09936
+gpg-pubkey-f9558872-430f586f
+gpg-pubkey-8ff214b4-3afa5d46
gpg-pubkey-15c17deb-3f9e80c9
+gpg-pubkey-3ab2ce5e-41a4c011
+gpg-pubkey-f2c6a54e-43d171bc
+gpg-pubkey-27db6f5b-4140d446
gpg-pubkey-3d25d3d9-36e12d04
+gpg-pubkey-f33e3fc6-443ed5fc
+gpg-pubkey-7fdcef8b-3da540d4
+gpg-pubkey-1be4d89e-434835df
+gpg-pubkey-4efd697e-4453afce
+gpg-pubkey-a16ea024-4374cbc5
+gpg-pubkey-807235a8-3e26a1bc
+gpg-pubkey-95702b3b-3c6a5ee4
gpg-pubkey-9c800aca-40d8063e
+gpg-pubkey-ddaf6454-3777ac55
+gpg-pubkey-ddaf6454-3a577225
+gpg-pubkey-03775059-3f045e14
+gpg-pubkey-08a568c6-3be86b1b
+gpg-pubkey-5277a2fa-40bf6e67
+gpg-pubkey-58857177-3d946b70
+gpg-pubkey-cd3140cd-3d468b40
+gpg-pubkey-1dfa8f0c-41540ae2
gpg-pubkey-0dfb3188-41ed929b
gpg-pubkey-ddaf6454-3777ac55
+gpg-pubkey-cddd4d64-450c55e0
+gpg-pubkey-4efd697e-4453aa9e
+gpg-pubkey-58857177-3fbba87b
+gpg-pubkey-f4500075-43fde72f
+gpg-pubkey-dcb8fafe-3eca9611
+gpg-pubkey-35a64134-3a57e000
+gpg-pubkey-42d5f51f-2f05e27b
Solution: you have to run the install command as follows: apt install rpmkey-*. Only the apt wrapper script imports the keys into the rpm database!
Some projects build RPMs for SuSE on their own, so the first place to look for the packages is the project site. Other useful sources are:
http://software.opensuse.org/search openSUSE Buildservice - current packages, with search interfaces and Benji Weber's One Click Install
http://www.mathematik.uni-wuerzburg.de/~vaeth/specs/ some.spec files, from that RPMs can be built, and a few RPMs
There are three possibilities: over YaST, manually or over apt4rpm.
The YaST way is the simplest one. What you have to do is to add the Packman repository in YaST. Once you have done that, you may search for Packman packages in YaST Install and Remove Software interface and benefit from the automatic dependency resolution. This method is the recommended method for all users. A screenshot of the Add Repository window in YaST
To add the Packman repository as a package, go to YaST→Software repositories, and then add a mirror from the list ftp://packman.links2linux.de/pub/packman/MIRRORS as a server and suse/10.3 as a directory (change the number to your SuSE version)
Or if you use zypper (the command-line software installer in openSUSE 10.2 and newer), run
$ zypper ar http://<yourmirror>/suse/10.3 Packman
as root.
You have to download the packages on your own, and you have no automatic dependency resolution. For larger files a download manager is recommended, e.g. wget.
$ wget -nH -nd -c "address"
Then you can install the package as root into your system.
$ rpm -Uvh package1.rpm package2.rpm…
Please make sure that you downloaded all the dependencies and are installing them with a single rpm -Uvh call, otherwise rpm will complain.
This depends on whether you install packages over YaST, manually or over apt4rpm.
For the updates to work, the Packman entry must be activated in the Software Repositories screen and updated, either by enabling the automatic update (on by default) or updating manually. After that, if a new package exists, it will show in blue in the Software management screen, if a newer version is installed than is available in the repositories, it will be shown in red.
Run a rpm -Uvh command over manually downloaded RPMs, as described in the manual installation section.
There are several possibilities:
Either from the YaST Software management interface, or by running the following as root:
$ rpm -e packagename
If you cannot find the exact package name, look for it with grep
$ rpm -qa | grep -i word
Or if you know a file that is certainly in the package:
$ rpm -qf path/to/the/filename
Simply send an E-Mail with the exact error description to the Packman mailing list: packman <at> links2linux.de. If you do not know exactly which information about your system is needed? Point out at least your SUSE version and the package name and the version.
We still do, but they are named differently now. To prevent conflicts caused by different versions of the same library, as well to prevent forced installation of unneeded files, libraries packaged for Suse 10.3 must adhere to the new packaging policy (http://en.opensuse.org/Shared_Library_Packaging_Policy). Shortly explained: The package ktoblzcheck is now split into three different packages:
So if another program needs libktoblzcheck.so.X, it will request just the libktoblzcheckX package as a dependency, and no more the ktoblzcheck package.
Since for every package a source package (.src.rpm) is available, you can easily build a package for your distribution from a source package
$ rpmbuild --rebuild package.src.rpm
If all libraries and headers are already installed, a RPM will be built that can be installed with
$ rpm -Uvh /usr/src/packages/RPMS/i386/paketname.rpm
If there are missing packages necessary for the build, RPM will inform you about the missing dependencies.
You should take into consideration, that software built on a newer distribution may not be executable on an older one.
Again, as source RPMs are available for every package, you can build the package yourself.
First extract the source RPM:
$ rpm -i package.src.rpm
You find the SPEC files under /usr/src/packages/SPECS/, and the source tarball in /usr/src/packages/SOURCES/ The .spec file contains all information for building a package from source, such as what commands are to be executed during the installation, where do what files reside after the installation, the compile options etc.
Then edit the .spec file and rebuild the RPM with
$ rpmbuild -bb paketname.spec
(A better solution would be to use the build script, that comes with the build package, since it provides (among many other useful features) build dependency resolution and downloading, and builds the package in a special chroot, which ensures that all the build dependencies and only them are installed)
After that procedure a plain RPM will be built, which can be installed afterwards.
You should also inform the packager (preferably via E-Mail) so that he knows that his package is missing a feature or is misconfigured.
To show the list of the files contained in the RPM, run
$ rpm2cpio package.rpm | cpio --list
or
$ rpm -qlp package.rpm
After that you can extract individual files:
$ rpm2cpio package.rpm | cpio --extract filename
Changes related to the packaging are usually found in the changelog of the package, which can be viewed with:
$ rpm -qp --changelog packagename.rpm
Usually however the changes in the program itself are more interesting. These are usually found in a file called CHANGES or CHANGELOG, which is installed into under /usr/share/doc/packages/<package name>/. The following command shows what other documentation does the package contain:
$ rpm -qd packagename.rpm
Beyond that the changes are to be usually found on the homepage of the program. The project homepage URL is usually at the Packman package overview site (http://packman.links2linux.org/package/<packagename>). If the site reference is missing, then it is a good idea to look for the project homepage or the changelog link at Freshmeat.net, since almost every program is registered at Freshmeat.
Maximum RPM:
http://www.rpm.org/max-rpm/ (a must-read for every RPM builder)
RPM HowTo:
http://www.ibiblio.org/pub/Linux/docs/HOWTO/other-formats/html_single/RPM-HOWTO.html
RPM manpage:
$ man rpm
If your package is built with rpmbuild and not with checkinstall, send an E-mail to the Mailinglist packman <at> links2linux.de. Usually however we do not host externally-built RPMs, since all our RPMs are digitally signed and we have high quality claims on them.
However someone from Packman team may take care of your RPM. In this case he will rebuild and upload it and possibly maintain it in the future. You are also free to become a member of our team and thus take care of your package by yourself. Read the next chapter on this!
Yes, just let us know in freenode irc on #packman and we'll clarify everything.
As a Packman member you'll have to be prepared to dedicate a fixed amount of your free time for package maintenance. Once built packages are usually maintained further on; as soon as there is a version of the software more current than available within SUSE repositories, it should be updated. You have to bring along a certain amount of knowledge about the RPMs, or at least the will to learn it (it's not that hard, really not) We have some scripts which help out with the RPM maintenance greatly, however they cannot substitute the human work. There are a few guidelines on RPM packaging you must adhere to.
You must count with you also on increased a Internet Traffic, since you must download the current software-Versions, your SUSE system on the current conditions to hold and your packages to luggage one ftp to high-load must.
Would be ideal, if you could build packages in each case for the current SUSE version and for the one before it. That means in addition, doubled care expenditure for your system!
