+ A .deb package contains two sets of files: a set of files
+ to install on the system when the package is installed, and a set
+ of files that provide additional metadata about the package or
+ which are executed when the package is installed or removed. This
+ second set of files is called control information files.
+ Among those files are the package maintainer scripts
+ and
+ There is unfortunately a collision of terminology here between
+ control information files and files in the Debian control file
+ format. Throughout this document, a control file refers
+ to a file in the Debian control file format. These files are
+ documented in . Only files referred to
+ specifically as control information files are the files
+ included in the control information file member of
+ the
- Every package must have a Debian maintainer (the - maintainer may be one person or a group of people - reachable from a common email address, such as a mailing - list). The maintainer is responsible for ensuring that - the package is placed in the appropriate distributions. -
- -- The maintainer must be specified in the - Maintainer control field with their correct name - and a working email address. If one person maintains - several packages, they should try to avoid having - different forms of their name and email address in + Every package must have a maintainer, except for orphaned + packages as described below. The maintainer may be one person + or a group of people reachable from a common email address, such + as a mailing list. The maintainer is responsible for + maintaining the Debian packaging files, evaluating and + responding appropriately to reported bugs, uploading new + versions of the package (either directly or through a sponsor), + ensuring that the package is placed in the appropriate archive + area and included in Debian releases as appropriate for the + stability and utility of the package, and requesting removal of + the package from the Debian distribution if it is no longer + useful or maintainable. +
+ +
+ The maintainer must be specified in the Maintainer
+ control field with their correct name and a working email
+ address. The email address given in the Maintainer
+ control field must accept mail from those role accounts in
+ Debian used to send automated mails regarding the package. This
+ includes non-spam mail from the bug-tracking system, all mail
+ from the Debian archive maintenance software, and other role
+ accounts or automated processes that are commonly agreed on by
+ the project.
- If the maintainer of a package quits from the Debian
- project, "Debian QA Group"
-
+ An orphaned package is one with no current maintainer. Orphaned
+ packages should have their Maintainer control field set
+ to Debian QA Group <packages@qa.debian.org>.
+ These packages are considered maintained by the Debian project
+ as a whole until someone else volunteers to take over
+ maintenance.
- Every Debian package must have an extended description - stored in the appropriate field of the control record. - The technical information about the format of the + Every Debian package must have a Description control + field which contains a synopsis and extended description of the + package. Technical information about the format of the Description field is in .
@@ -1050,10 +1104,10 @@- Sometimes, a package requires another package to be installed - and configured before it can be installed. In this - case, you must specify a Pre-Depends entry for - the package. + Sometimes, unpacking one package requires that another package + be first unpacked and configured. In this case, the + depending package must specify this dependency in + the Pre-Depends control field.
@@ -1135,7 +1189,7 @@ must be available and usable on the system at all times, even when packages are in an unconfigured (but unpacked) state. Packages are tagged essential for a system using the - Essential control file field. The format of the + Essential control field. The format of the Essential control field is described in .
@@ -1255,17 +1309,16 @@
Packages which use the Debian Configuration Management
- Specification may contain an additional
-
@@ -1764,23 +1826,26 @@ identical behavior.
+
+ The following targets are required and must be implemented
+ by
Since an interactive
- The targets are as follows (required unless stated otherwise):
+ The targets are as follows:
The build target should perform all the
@@ -1891,8 +1956,8 @@
@@ -1940,7 +2005,7 @@
This must undo any effects that the build
@@ -2022,14 +2087,21 @@
The architectures we build on and build for are determined
- by
+ Here is a list of supported
@@ -2190,16 +2262,16 @@ endif
- When
@@ -2218,12 +2290,12 @@ endif
- This is an optional, recommended control file for the
- uscan utility which defines how to automatically
- scan ftp or http sites for newly available updates of the
- package. This is used by
where * is either BUILD for specification of
- the build machine or HOST for specification of the
- host machine.
+ the build architecture or HOST for specification of the
+ host architecture.
+ See for additional requirements and + information about package maintainers. +
- List of the names and email addresses of co-maintainers of
- the package, if any. If the package has other maintainers
- beside the one named in the
-
+ This is normally an optional field, but if + the Maintainer control field names a group of people + and a shared email address, the Uploaders field must + be present and must contain at least one human with their + personal email address.
@@ -3610,12 +3694,11 @@ Checksums-Sha256:
- These scripts are the files
- Additionally, packages interacting with users using
- debconf in the
+ Additionally, packages interacting with users
+ using
When a package is upgraded a combination of the scripts from @@ -3647,7 +3730,7 @@ Checksums-Sha256:
Broadly speaking the
-
-
+ What follows is a summary of all the ways in which maintainer
+ scripts may be called along with what facilities those scripts
+ may rely on being available at that time. Script names preceded
+ by new- are the scripts from the new version of a
+ package being installed, upgraded to, or downgraded to. Script
+ names preceded by old- are the scripts from the old
+ version of a package that is being upgraded from or downgraded
+ from.
+
-
-
+
+
-
-
+
+
-
-
+ The
This is done using the Depends, Pre-Depends, Recommends, Suggests, Enhances, - Breaks and Conflicts control file fields. + Breaks and Conflicts control fields. Breaks is described in , and Conflicts is described in . The rest are described below. @@ -4513,31 +4685,40 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any]
- For this reason packages in an installation run are usually
- all unpacked first and all configured later; this gives
- later versions of packages with dependencies on later
- versions of other packages the opportunity to have their
- dependencies satisfied.
+ Since Depends only places requirements on the order in
+ which packages are configured, packages in an installation run
+ are usually all unpacked first and all configured later.
+
- In case of circular dependencies, since installation or - removal order honoring the dependency order can't be - established, dependency loops are broken at some point - (based on rules below), and some packages may not be able to - rely on their dependencies being present when being - installed or removed, depending on which side of the break - of the circular dependency loop they happen to be on. If one - of the packages in the loop has no postinst script, then the - cycle will be broken at that package, so as to ensure that - all postinst scripts run with the dependencies properly - configured if this is possible. Otherwise the breaking point - is arbitrary. -
-
- The Depends field thus allows package maintainers
- to impose an order in which packages should be configured.
+ If there is a circular dependency among packages being installed
+ or removed, installation or removal order honoring the
+ dependency order is impossible, requiring the dependency loop be
+ broken at some point and the dependency requirements violated
+ for at least one package. Packages involved in circular
+ dependencies may not be able to rely on their dependencies being
+ configured before they themselves are configured, depending on
+ which side of the break of the circular dependency loop they
+ happen to be on. If one of the packages in the loop has
+ no
@@ -4549,7 +4730,8 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any] This declares an absolute dependency. A package will not be configured unless all of the packages listed in its Depends field have been correctly - configured. + configured (unless there is a circular dependency as + described above).
@@ -4561,12 +4743,31 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any]
The Depends field should also be used if the
-
+ Finally, the Depends field should be used if the
+ depended-on package is needed by the
- When the package declaring a pre-dependency is about - to be configured, the pre-dependency will be - treated as a normal Depends, that is, it will - be considered satisfied only if the depended-on - package has been correctly configured. + When the package declaring a pre-dependency is about to + be configured, the pre-dependency will be treated + as a normal Depends. It will be considered + satisfied only if the depended-on package has been + correctly configured. However, unlike + with Depends, Pre-Depends does not + permit circular dependencies to be broken. If a circular + dependency is encountered while attempting to honor + Pre-Depends, the installation will be aborted. +
+ +
+ Pre-Depends are also required if the
+
@@ -4638,13 +4849,6 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any] installation would hamper the ability of the system to continue with any upgrade that might be in progress.
- -
- Pre-Depends are also required if the
-
When one binary package declares that it breaks another,
- When one binary package declares a conflict with another
- using a Conflicts field,
- If one package is to be installed, the other must be removed
- first. If the package being installed is marked as replacing
+ If one package is to be unpacked, the other must be removed
+ first. If the package being unpacked is marked as replacing
(see , but note that Breaks should
normally be used in this case) the one on the system, or the one
on the system is marked as deselected, or both packages are
@@ -4780,7 +4984,7 @@ Build-Depends: foo [linux-any], bar [any-i386], baz [!linux-any]
A virtual package is one which appears in the
- Provides control file field of another package.
- The effect is as if the package(s) which provide a
- particular virtual package name had been listed by name
- everywhere the virtual package name appears. (See also )
+ Provides control field of another package. The effect
+ is as if the package(s) which provide a particular virtual
+ package name had been listed by name everywhere the virtual
+ package name appears. (See also )
@@ -4905,9 +5108,9 @@ Provides: bar
Packages can declare in their control file that they should
- overwrite files in certain other packages, or completely
- replace other packages. The Replaces control file
- field has these two distinct purposes.
+ overwrite files in certain other packages, or completely replace
+ other packages. The Replaces control field has these
+ two distinct purposes.
This is done using the Build-Depends,
Build-Depends-Indep, Build-Conflicts and
- Build-Conflicts-Indep control file fields.
+ Build-Conflicts-Indep control fields.
@@ -5098,55 +5301,134 @@ Replaces: mail-transport-agent
- Packages involving shared libraries should be split up into
- several binary packages. This section mostly deals with how
- this separation is to be accomplished; rules for files within
- the shared library packages are in instead.
+ This section deals only with public shared libraries: shared
+ libraries that are placed in directories searched by the dynamic
+ linker by default or which are intended to be linked against
+ normally and possibly used by other, independent packages. Shared
+ libraries that are internal to a particular package or that are
+ only loaded as dynamic modules are not covered by this section and
+ are not subject to its requirements.
+ A shared library is identified by the SONAME attribute
+ stored in its dynamic section. When a binary is linked against a
+ shared library, the SONAME of the shared library is
+ recorded in the binary's NEEDED section so that the
+ dynamic linker knows that library must be loaded at runtime. The
+ shared library file's full name (which usually contains additional
+ version information not needed in the SONAME) is
+ therefore normally not referenced directly. Instead, the shared
+ library is loaded by its SONAME, which exists on the file
+ system as a symlink pointing to the full name of the shared
+ library. This symlink must be provided by the
+ package. describes how to do this.
+
- The run-time shared library needs to be placed in a package
- whose name changes whenever the shared object version
- changes.
- Since it is common place to install several versions of a
- package that just provides shared libraries, it is a
- good idea that the library package should not
- contain any extraneous non-versioned files, unless they
- happen to be in versioned directories.
+ Shared libraries are normally split into several binary packages.
+ The SONAME symlink is installed by the runtime shared
+ library package, and the bare .so symlink is installed in
+ the development package since it's only used when linking binaries
+ or shared libraries. However, there are some exceptions for
+ unusual shared libraries or for shared libraries that are also
+ loaded as dynamic modules by other programs.
- If you have several shared libraries built from the same
- source tree you may lump them all together into a single
- shared library package, provided that you change all of
- their sonames at once (so that you don't get filename
- clashes if you try to install different versions of the
- combined shared libraries package).
+ This section is primarily concerned with how the separation of
+ shared libraries into multiple packages should be done and how
+ dependencies on and between shared library binary packages are
+ managed in Debian. should be read in
+ conjunction with this section and contains additional rules for
+ the files contained in the shared library packages.
+ The run-time shared library must be placed in a package
+ whose name changes whenever the SONAME of the shared
+ library changes. This allows several versions of the shared
+ library to be installed at the same time, allowing installation
+ of the new version of the shared library without immediately
+ breaking binaries that depend on the old version. Normally, the
+ run-time shared library and its SONAME symlink should
+ be placed in a package named
+
+ If you have several shared libraries built from the same source
+ tree, you may lump them all together into a single shared
+ library package provided that all of their SONAMEs will
+ always change together. Be aware that this is not normally the
+ case, and if the SONAMEs do not change together,
+ upgrading such a merged shared library package will be
+ unnecessarily difficult because of file conflicts with the old
+ version of the package. When in doubt, always split shared
+ library packages so that each binary package installs a single
+ shared library.
+
+ Every time the shared library ABI changes in a way that may
+ break binaries linked against older versions of the shared
+ library, the SONAME of the library and the
+ corresponding name for the binary package containing the runtime
+ shared library should change. Normally, this means
+ the SONAME should change any time an interface is
+ removed from the shared library or the signature of an interface
+ (the number of parameters or the types of parameters that it
+ takes, for example) is changed. This practice is vital to
+ allowing clean upgrades from older versions of the package and
+ clean transitions between the old ABI and new ABI without having
+ to upgrade every affected package simultaneously.
+
+ The SONAME and binary package name need not, and indeed
+ normally should not, change if new interfaces are added but none
+ are removed or changed, since this will not break binaries
+ linked against the old shared library. Correct versioning of
+ dependencies on the newer shared library by binaries that use
+ the new interfaces is handled via
+ the
The package should install the shared libraries under
their normal names. For example, the
- The run-time library package should include the symbolic link that
-
During install or upgrade, the preinst is called before
- the new files are installed, so calling "ldconfig" is
+ the new files are unpacked, so calling "ldconfig" is
pointless. The preinst of an existing package can also be
called if an upgrade fails. However, this happens during
the critical time when a shared libs may exist on-disk
@@ -5377,7 +5660,7 @@ Replaces: mail-transport-agent
) to ensure that the user only installs one
development version at a time (as different development versions are
likely to have the same header files in them, which would cause a
- filename clash if both were installed).
+ filename clash if both were unpacked).
@@ -5389,6 +5672,14 @@ Replaces: mail-transport-agent
(
+ If the package provides Ada Library Information
+ (
When packages are being built,
any
- Log files must be rotated occasionally so that they don't
- grow indefinitely; the best way to do this is to drop a log
- rotation configuration file into the directory
-
The traditional approach to log files has been to set up
ad hoc log rotation schemes using simple shell
@@ -7924,17 +8230,20 @@ ln -fs ../sbin/sendmail debian/tmp/usr/bin/runq
section="8">):
@@ -7946,7 +8255,7 @@ endscript
@@ -7987,6 +8296,12 @@ endscript
+
+ Control information files should be owned by root:root
+ and either mode 644 (for most files) or mode 755 (for
+ executables such as
Setuid and setgid executables should be mode 4755 or 2755
@@ -8491,8 +8806,7 @@ http://localhost/doc/package/filename
this so programs should not fail if
@@ -8601,8 +8915,9 @@ name ["syshostname"]:
Packages that provide an X server that, directly or
indirectly, communicates with real input and display
- hardware should declare in their control data that they
- provide the virtual package xserver.
Packages that provide a terminal emulator for the X Window
- System which meet the criteria listed below should declare
- in their control data that they provide the virtual
- package x-terminal-emulator. They should also
- register themselves as an alternative for
+ System which meet the criteria listed below should declare in
+ their Provides control field that they provide the
+ virtual package x-terminal-emulator. They should
+ also register themselves as an alternative for
Packages that provide a window manager should declare in
- their control data that they provide the virtual package
- x-window-manager. They should also register
- themselves as an alternative for
+ their Provides control field that they provide the
+ virtual package x-window-manager. They should also
+ register themselves as an alternative for
The
@@ -9715,13 +10030,13 @@ END-INFO-DIR-ENTRY
It is possible to put other files in the package control
- area, but this is not generally a good idea (though they
- will largely be ignored).
+ information file area, but this is not generally a good idea
+ (though they will largely be ignored).
- Here is a brief list of the control info files supported by
-
@@ -10592,7 +10907,7 @@ END-INFO-DIR-ENTRY
- A package may contain a control area file called
+ A package may contain a control information file called
conffiles. This file should be a list of filenames
of configuration files needing automatic handling, separated
by newlines. The filenames should be absolute pathnames,
@@ -8846,8 +9161,8 @@ name ["syshostname"]: