Security Considerations on Linux Package Management
- 2. Hello!I am Tharindu Edirisinghe You can find me at …. tharindue.blogspot.com @thariyarox https://lk.linkedin.com/in/ediri ediri@live.com
- 6. A Personal Package Archive (PPA) is a special software repository for uploading source packages to be built and published as an APT repository by Launchpad. While the term is used exclusively within Ubuntu, Launchpad host Canonical envisions adoption beyond the Ubuntu community. Source : http://askubuntu.com/questions/4983/what-are-ppas-and-how-do-i-use-them https://en.wikipedia.org/wiki/Personal_Package_Archive
- 7. sudo apt-get install <package name>
- 8. You can add a PPA to your system with a single line in your terminal. Open a terminal and enter: sudo add-apt-repository ppa:shutter/ppa Now, as a one-off, you should tell your system to pull down the latest list of software from each archive it knows about, including the PPA you just added: sudo apt-get update Install Shutter sudo apt-get install shutter
- 9. sudo dpkg -i <package file>
- 10. The Advanced Package Tool, or APT, is a free software user interface that works with core libraries to handle the installation and removal of software on the Debian, Slackware and other Linux distributions. APT simplifies the process of managing software on Unix-like computer systems by automating the retrieval, configuration and installation of software packages, either from precompiled files or by compiling source code. APT was originally designed as a front-end for dpkg to work with Debian's .deb packages, but it has since been modified to also work with the RPM Package Manager system via APT-RPM.The Fink project has ported APT to Mac OS X for some of its own package management tasks, and APT is also available in OpenSolaris. Source : https://en.wikipedia.org/wiki/Advanced_Packaging_Tool
- 11. dpkg is the software at the base of the package management system in the free operating system Debian and its numerous derivatives. dpkg is used to install, remove, and provide information about .deb packages. Source : https://en.wikipedia.org/wiki/Dpkg
- 12. package_name ├── DEBIAN │ ├── control (meta data of the package) │ ├── preinst (execute before installing the package) │ ├── postinst (execute after installing the package) │ ├── prerm (execute before un-installing the package) │ └── postrm (execute after un-installing the package) │ └── /……. (folders and files following the linux file structure) Source : https://www.hivelocity.net/kb/what-are-preinst-postinst-prerm-and-postrm-script-2/
- 13. demo
- 14. mkdir -p helloworld_1.0-1/usr/local/bin cp ~/Projects/Hello World/helloworld helloworld_1.0-1/usr/local/bin/ mkdir helloworld_1.0-1/DEBIAN vi helloworld_1.0-1/DEBIAN/control dpkg-deb --build helloworld_1.0-1 Source : https://ubuntuforums.org/showthread.php?t=910717 Package: helloworld Version: 1.0-1 Section: base Priority: optional Architecture: i386 Depends: libsomethingorrather (>= 1.2.13), xyz (>= 1.2.6) Maintainer: Tharindu Edirisinghe <ediri@live.com> Description: Hello World When you need some sunshine, just run this small program!
- 15. Install a Debian (.deb) package × sudo dpkg -i <package name> List installed packages × dpkg -l <package name with/out wildcards> Un-Install a Debian (.deb) package binaries × sudo dpkg --remove <package name> Un-Install a Debian (.deb) package binaries and configuration files × sudo dpkg --purge <package name>
- 17. Linux Package Management https://www.linode.com/docs/tools-reference/linux-package-management Package Management Security https://isis.poly.edu/~jcappos/papers/cappos_pmsec_tr08-02.pdf Debian Packaging Tutorial https://www.debian.org/doc/manuals/packaging-tutorial/packaging-tutorial.en.pdf
- 18. THANKS!Any questions? You can find me at …. tharindue.blogspot.com @thariyarox https://lk.linkedin.com/in/ediri ediri@live.com