Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Wednesday, 16 January 2008 18:14

A spotter's guide to open-source Linux package formats

By
Want to find open source tools? Linux distros have long had the tradition that software is bundled into easily-installed packages. Yet, finding packages can be less than intuitively obvious and even then they may not appear to be available for your flavour of choice. Here’s how to get the most out of Linux packages.

Actually, the first place to look is your very Linux distribution CD or DVD set. All Linux distros except those of the “damn small” variety ship with much more software on disc than is typically installed. When installing a distro you get a choice as to the kind of system you want often in the form of workstation vs server which installs different combinations of packages.

You can always add to the installed software by using a graphical tool to add (or remove) items, if your distro provides such. In some cases you might need to manually find the raw packages on the original disc but these will generally be located all in one folder with no clear organisation save for the name of the software. That’s fine, unless you only know the type of software you need, not the actual name of something that does it.

Here’s where the Internet always comes in handy. Check out great open source software sites like FreshMeat or Sourceforge. Check them out and search for interesting new apps.

It’s not plain sailing even once you’ve found something: check out MySource Classic for example. This sounds cool; it’s a powerful open source web site and intranet content management system. It is designed to enable technically unskilled users to build and maintain their own online solutions securely, professionally and inexpensively. It’s your classic LAMP app, written in PHP and using Apache and MySQL.

However, MySource Classic is available for download as a .zip file or a .tar.gz file. Both of these are archive formats. Most everyone knows what a zip file is, but .tar.gz – also represented as .tgz – is largely a Linux/UNIX specific format known as a tarball.

Tarballs are convenient formats for distributing source code; it’s pretty universal (harking back to “the old days”, the name tar actually deriving from “tape archive”) and easily transported. However, it’s different from a package format like the apps that come with your Linux distro. Packages contain executable binary files as well as any other configuration items or other files required, and the package manager puts everything in the right place without any effort on your part.

Call up a terminal console and use the tar command to inspect the archive; as with everything Linux there are a few options here.

You can uncompress the tarball using gunzip, namely

gunzip mysource-2.16.2.tar.gz

This leaves a new file called mysource-2.16.2.tar; inspect its contents via

tar –tvf mysource-2.16.2.tar | more

The contents now spill forth. Alternatively, you can examine the original tarball without compressing via a variant of the tar command, namely

tar –tzvf mysource-2.16.2.tar | more

Let’s delve further; we know what the archive contains so let’s crack it open.

CONTINUED





 


It’s generally safe to open up any archive but you do need to exercise a bit of care to avoid clobbering any files on your system. Sometimes the tarball extracts all its files to a subfolder which it makes in your current directory. However, sometimes it extracts everything to the current directory – this can be a nuisance because you have to clean up, but it can also destroy any files you have with the same names.

Worse, some naive administrators may extract tarballs in inappropriate places like the very root of the system; a malicious archive can easily replace important system configuration files or executable files in this way. It’s best to extract an archive as a non-privileged user in a dedicated folder and move any output into place afterwards.

So, let’s open it up. Again, we’ll use tar:

tar –xf mysource-2.16.2.tar

or, as before, add the –z flag to skip the gunzip step:

tar –xzf mysource-2.16.2.tar.gz

You now have a folder with all the source code available, as individual files and folders, just as if it was on the designer’s system itself.

Tarballs are the most common archive format but not the only one; you might come across cpio archives which generally end in the .cpio suffix. This format is used internally by rpm packages but is not usually a common archive format anymore by itself. However, if you find one note that it while cpio uses some of the same flags as tar, it works on input and output streams not files, like so:

cpio –tv < examplefile.cpio

to inspect the archive and

cpio –i –d < examplefile.cpio

to pull out the contents.

However your archive file comes to you, the onus is then on you to compile and install the software. This is the most portable format; no matter your Linux distro it’s a pretty safe bet the app will co-operate provided you know what you’re doing. (Happily, “what you’re doing” can usually amount to a series of commands –

./configure
make
make install

provided the developer has been kind enough to provide a configuration tool and Makefile.

By contrast, package managers are far more sophisticated and friendly – but are much less transportable between different distros. However, the advantages they offer are many. A package manager will keep track of what has been installed and where the files are located. The package manager will also help you easily find if new versions are available, and best of all will make sure any dependencies are conformed to. If you try to install a package which relies upon a crucial component to run, the package manager will ensure the right version of that crucial component has also been installed.

The two most common package formats are the Debian Package format as used by, of course, Debian but also Ubuntu, Knoppix and others – as well as the rpm format used by Red Hat, Fedora, Suse and some others.

Unless you’re making your own Linux distro the choice of package manager has already been made for you. I’ve long tried to stress the difference between Linux distros is pretty much the package manager it employs and the default set of packages it installs – every version of Linux uses the exact same Linux kernel, and pretty much the same GNU tools – but one major point of distinction between distros is the package manager.

CONTINUED





 


So then, if you’re looking for new open source apps and can find a package this means two things right up. Firstly, the package may or may not be usable on your system depending on the format it is in and the format you can work with. Secondly, if the package is acceptable, you can be confident it will install without any fuss and without any need to compile it or go to any great effort.

For the dead keen, it is possible to pull all the files out of a package and then manually install it. As said earlier, the rpm package format uses the cpio archive format internally. A simple command, rpm2cpio, will assist by dumping the internal archive. You can use the following command to extract all the files without actually installing them:

rpm2cpio examplepackage.rpm | cpio –i

Handily, in a similar fashion, the Debian package format is a collection of tarballs in an archive format called ar; as you might expect this is closely related to tar but is much more basic. One feature is it does not support folders.

Extract the contents of a Debian package like so:

ar –x examplepackage.deb

This will spill out two tarballs – control.tar.gz and data.tar.gz – and a single-lined text file called debian-binary.

debian-binary merely contains the Debian packaging version used; control.tar.gz contains install scripts and useful information. data.tar.gz holds the actual binary files and configuration items themselves, all the files needed for the program to work. At a pinch you could just extract this archive with tar –xf although if the app is complex the install scripts will be doing much more work than this.

Earlier, I said one of the great features of a package manager was its ability to keep your apps up-to-date as newer versions are released. The tools used will obviously vary based on your distro, but do check out Apt (Advanced Package Tool), Yum (Yellowdog updater modified), Synaptic (a graphical front-end on top of apt) and up2date.

Apt is a mature piece of software which came with Debian and related distros but now supports rpm also. It is not so much a single tool as a collection of utilities; the most commonly used parts of Apt are apt-get and apt-cache which pull down packages from available repositories and query what’s available, respectively. Synaptic offers no new functionality overall but bundles everything together in a single easy-to-use graphical tool.

Similar to Apt, Yum is a command-line utility for rpm packages. It can query what’s available, install packages, and perform all the other required functions like listing what’s been installed and uninstalling previously installed packages.

up2date is also an rpm tool, but it seeks to provide access to Yum and Apt repositories giving a richer suite.

Get online, get software, get into the FOSS way.


Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.

CLICK HERE!

WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.

MORE INFO HERE!

BACK TO HOME PAGE
David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments