Package Management

What is Package Management
Linux uses repositories
centralized, secure and fast
install a package 
install <package name>
system downloads, installs, adds shortcut, and will keep the software updated

What is a Package
a package is usually a collection of binaries (the program itself), configuration files, icons, and libraries
a package is a compressed archive file containing all of these separate pieces, bundled together in a way that the system can understand
a repository is a server which holds thousands of packages
maintained by the creators of the specific distribution
Ubuntu is configured to use official Ubuntu repositories

Package Manager
the Package Manager is the tool which talks to the repository
example installation of Firefox
  1. checks local list to see where Firefox is stored
  2. downloads the package file
  3. unpacks the box
  4. check all tool and dependencies are presen
  5. copies files to correct directory
  6. registers the software so it can be removed if desired
Understanding Package Managers: APT, DNF, YUM, Pacman
the different families of Linux distributions have different package managers
all do the same job but they speak different languages and use different file formats

Name Family File Format Command Description
APT
Advanced Package Tool 		Debian
Ubuntu
Linux Mint
Kali Linux 		.deb apt most popular package manager because of Ubuntu's dominance
being user-friendly and having a massive library of software
DNF
Dandified YUM 		Fedora
Red Hat Enterprise Enterprise Linux
CentOS Stream
AlmaLinux 		.rpm dnf modern replacement for the older YUM package manager
very fast and robust
a corporate environment will likely use DNF
Pacman Arch Linux
Manjaro
EndeavourOS 		.pkg.tar.zst pacman designed for speed and simplicity
uses a different syntax (using flags like -Syu instead of words like update)
connects to the Arch User Repository (AUR)
is arguably the largest collection of community software in the world
Zypper openSUSE .rpm zypper similar to DNF but specific to the SUSE ecosystem

Debian/Ubuntu Package Management with APT
almost all package management commands require administrative privileges
need to use sudo (SuperUser DO)

Updating the Catalog (apt update)
must sync local package list with the server
command 
sudo apt update
computer connects to repo and downloads the the latest list of package names

Upgrading Software (apt upgrade)
upgrade software using command 
sudo apt upgrade
APT looks at every installed program
compares the existing version with the version in the new list
if the repository has a newer version, the version is queued for installation

Installing Software (apt install)
install joke program sl (Steam Locomotive)
to install the app use the command 
sudo apt install sl
Removing Software (apt remove)
to remove the sl app use the command 
sudo apt remove sl
removes program's binary files
usually leaves config files
settings are retained in case the app gets reinstalled

The Nuclear Option (apt purge)
to remove both binary and cofig files use the command 
sudo apt purge sl
Cleaning Up (apt autoremove)
when an app is installed it may require multiple libraries
if the app is removed, the libraries can remain
to find and remove any packages that were installed as dependencies but are no longer needed by any program use the command 
sudo apt autoremove
Red Hat/Fedora Package Management with DNF
use DNF (Dandified YUM) instead of APT
commands similar to APT

Updating and Upgrading
combine updating the local list from repo and installs upgrades in one logical step by DNF 
sudo dnf upgrade
Installing
sudo dnf install firefox
Removing
sudo dnf remove firefox
Searching
sudo dnf search firefox
Main Difference Between APT and DNF
the package format
can't install a .rpm file on Ubuntu
can't install a .deb file on Fedore
can do with special tools
Searching for Packages and Understanding Dependencies
Searching with APT
looking to install python
true name of package is unknown 
apt search python
will return massive list of thousands of packages
a better way to search is to use the apt cache command 
apt-cache search python | grep -i math
best way to search is to use Google 
Ubuntu install python
usually will return exact package name

Viewing Dependencies
to find out what dependencies package requires 
apt depends gimp
displays a long list of dependencies
a needs b, b needs c, c needs d ....
package manager handles the complexity of installation of dependencies

Broken Dependencies (Dependency Hell)
APT and DNF are very good at navigating the 'Dependency Maze'
rarely get into a broken state
if an install fails use the command 
sudo apt --fix-broken install
Managing Repositories and PPAs
official Ubuntu repositories contain roughly 60,000 packages
a new version of software won't be added it to the official repository for six months
prioritize stability over newness
for the absolute latest version, need to add a PPA (Personal Package Archive)
a PPA is a small, private repository hosted by a developer or a team
by adding it to the system, you tell APT: "Trust this guy, and check his list for software too."

Adding a PPA
  1. add the repository 
    sudo add-apt-repository ppa:<developer>/<package>
  2. update the local list 
    sudo apt update
  3. install 
    sudo apt install <package>
Risks of PPAs
PPA files are not checked for security or stability
only add PPAs from the official developers of the software (e.g., the official Mozilla PPA, the official LibreOffice PPA)

Removing a PPA
sudo add-apt-repository --remove ppa:<developer>/<package>
Installing Software from Source
sometimes need to download the raw source code and compiling it locally

The Workflow, Make, Install
  1. Download and Extract- usually download a tarball 
    tar -xzvf <package>.tar.gz
cd <package>
  2. Configure - usually in the folder thewe will be a script named .configure
    run the script 
    ./configure
    script scans computer for requirements abd dependencies
    will tell what needs to be installed
  3. Make - once configured run the make command 
    make
  4. Install - copies the new binaries to the system directories 
    sudo make install
The Downside of Source
APT doesn't know about package
  • APT can't update the package'
  • APT can't remove the package unless developer provided a make uninstall command'
  • might conflict with system packages
Keeping Your System Updated and Secure
most updates in Linux are security patches
open source means vulnerabilities are quickly discovered

Automatic Updates
Ubuntu typically enables Unattended Upgrades by default
installs critical updates in the background

Kernel Updates
occassionally an update will bring in a new Linux kernel
a file named /var/run/reboot-required means a kernel update was installed and a reboot is needed
Alternative Package Managers: Snap, Flatpak, AppImage
these are 'universal' package managers
bundle all their dependencies inside the package
APM Developer Pros Cons Commands
Snap Canonical pre-installed with Ubuntu
updates are automatic 		can be slower to launch
backend is proprietory 		sudo snap install code
sudo snap list
sudo snap refresh
Flatpak The Community
Red Hat, GNOME etc. 		pros fully open source
decentralized
very fast 		not installed by default on Ubuntu flatpak install flathub org.gimp.GIMP
flatpak run org.gimp.GIMP
APM Concept How It Works Pros Cons
AppImage Portable Apps download a single file (e.g., editor.AppImage)
make it executable (chmod +x)
run it 		no installation required
can carry on USB stick 		no automatic updates
must download new file to update
Summary
covered
  • Catalog - use apt update to refresh list
  • Installation - use apt install to get software safely
  • Hygiene - use apt autoremove to clean up dependencies
  • Future - using Snap and Flatpaks
  • Past - compiling from source with ./configure and make
key points
  • repository - secure, central server storing tested software packages
  • sudo apt update - refreshes list of available software
  • sudo apt upgrade - installs newer versions of software
  • sudo apt install <package>
  • dependencies - additional libraries needed by app
    package manager handles these automatically
  • PPA - personal repository for third-party software
  • Snap / Flatpak - 'universal' package manager
  • source install - manual method(./configure, make,make install)
    avoid unless necessary
index