Content
Overview
In all Linux distributions, programs that can be installed on the system are distributed as software packages. Software packages are typically a set of data packaged in a file that contains the software itself, as well as a number of additional information (metadata) about the software, such as package descriptions, installation scripts, dependency data, and so on. Packages are extracted during installation, and the files in them are placed in directories that match the file structure of the operating system.
These software packages can even be installed directly if you have downloaded them from the Internet or otherwise transferred them to your computer. However, obtaining packages directly and installing them directly is highly contraindicated, because if you do not get the right version or architecture, the installer will exit with an error at best, but it may result in a package dependency problem. In addition, we may access untrusted software from the Internet that may access our confidential information or even cause intentional damage to our system.
To maintain maximum compatibility and security, Linux distributions have their own luggage racks which can only be included in software packages after strict checks. Packages contain information about packages from a package database, and a structured structure of downloadable binary files. Download, install, or uninstall Packages package managers is done with the help of. Such a package manager is famous on Debian / Ubuntu systems, for example APT, which also has an intelligent conflict resolution mechanism, makes it one of the most efficient Linux package managers. Graphical desktop environments also include various "software center" type applications, where users can search and sort through tens of thousands of applications on graphical interfaces, but these are really just frontends that rely on these background package managers.
It is also common for third-party software developers (third-party software) to run their own repository, which may contain versions for multiple computer architectures, if their software package is not included in the central, official repositories of that Linux distribution. Such repositories must be configured separately in the configuration manager of the particular Linux distribution, and from there, updates for that program will be automatically downloaded if the manufacturer has added a newer version to its repository. One of the better known examples of this is Google, who has a variety of products provides luggage storage. For Google, repositories are set up automatically the first time you download and install a package, but you need to manually set up repository access elsewhere.
The repositories - or network mirrors (below) - are usually set up during the installation of Linux operating systems, when the installer collects information about our computer, localization, and other requested information to configure the package manager used in the distribution. Of course, you can change these settings later at any time while using the system.
Properties
The main features and advantages of luggage storage (without the need for completeness):
Security
The security of the repositories is guaranteed by the distribution itself and the community behind or maintaining it. They take part in these projects in many parts of the world, whose task is to continuously check and test the existing or new software and software packages in the given distribution. If the community detects anything about a particular package that does not meet security standards, they will report it to the maintainer of the package, who will fix the bug. This process is completely transparent, so anyone can follow the changes and repairs in the packages.
One of the reasons for this rigorous security process is that Linux systems are known to have a minimal or almost zero chance of a computer virus. Of course, for this, users must also follow the principle of installing only from a repository, because a package downloaded from an unknown location and installed manually can be a security risk.
The authenticity of the repositories is certified by so-called signing keys (GPG keys), which can be downloaded from the repository and added to the key store (keyring) of the package managers. GPG keys for the official repositories of distributions are already provided to package managers by default during setup. For third-party packages, operators also provide their own authentication keys, which must be added separately to the client machine's package key store before first use (example). The signing keys will be issued for a specified period of time and will need to be updated upon expiry (example).
Compatibility
It follows from the previous item that during the inspection of the packages, the software packages are categorized and organized, so only the packages corresponding to the version of the Linux distribution running on the user's computer and the architecture of the computer can be downloaded and installed.
Version tracking and upgrade
Here again, it follows from the previous item that if a newer version of software is released and included in the package, the package manager running on the computer detects this and then indicates to the user the need to update, or even automatically updates the package based on the rules set in the package manager. The only with the command line For servers with. As a result, users do not have to search and install newer versions of the software separately, but through the package repository, this process takes place automatically.
Satisfaction of dependencies
This is more about the properties of package managers, but it is partly related to it.
Most packages have dependencies (package dependency), that is, the metadata of the package, which also contains information about which other packages are needed within the given distribution to install and operate. It is a complex hierarchical structure that, thanks to repository databases, package managers can easily unlock and install the additional packages they need.
Many packages depend on other packages because the code is more manageable, maintainable, and reusable if you only need to install one copy of frequently used code (s) and the other packages use it as if each package contained the same code.
Avoid collisions
There are some cases where a particular packet is not compatible with other packets, in which case we are talking about a packet conflict. This can occur if one package or its dependencies cannot be installed due to the presence of another package. For example, if a particular hardware device is already managed by a driver, but the package you want to install requires a different driver to handle the same hardware (there are, of course, other conflicting situations, this is just one example of several options). In such cases, based on the set of rules set up in the package managers, the package managers intelligently overcome these problems, for example, by resolving the entire chain of dependencies, searching for alternatives, and so on. In some cases, user intervention is required to make the right decision, but in most situations, package managers solve such problems in the background.
Openness
Repositories are usually open, so anyone can access them freely, so you can even browse the online repository directory structure using a browser, all you have to do is enter the repository URL in the browser's address bar.
Load balancing (mirrors)
The official repositories of Linux distributions are subject to constant usage, as a distribution can contain up to tens of thousands of packages, the use of which is distributed per user, so there is a high chance of increasing the number of concurrent queries - and bandwidth usage - mostly from package updates. arises. In addition, Linux systems are used in many places around the world, so there is a need to connect to repositories at high speed from many parts of the world. The CDN was invented for this and similar purposes (Content Delivery Network) systems, where high-availability servers distribute the load using servers located around the world. The repositories operated in this way are called mirrors. The essence of mirrors is that when synchronized in the background, each server contains exactly the same repository, so the same content can be accessed on a mirror anywhere in the world. Linux installers offer the closest package to the user by default when selecting mirrors. Of course, this does not always mean that it will be the fastest, because there may be overloaded mirrors, so you need to choose one that is close and fast to transfer data. There are also update management applications that also show the baud rates of different mirrors. An example is Linux Mint Interface is.
Structure
Thanks to the repository databases, users can also search for keywords or even select categories using the frontends of the package managers. The luggage storage databases are built on the client machine, so searching for, browsing and viewing packet information is fast, as it does not mean additional data traffic, but uses the locally built database. Only when we update this database or download another package will it reconnect.
There are even more cross-sections of repository structures: for example, within a distribution, a distinction is made between free and licensed packages, or even major enhancements are separated from bug fixes and / or security updates, and their support lifecycles may be different, and so on. These additional distribution methods are unique to each distribution and can be viewed in the release information for that distribution.
Comfort
The graphical interface for managing repositories may vary from desktop to desktop environment, but the concept is similar for each.
The following image shows a Synaptic package management frontend on Debian 10 (Buster) and the LXQT desktop environment:
The lower status bar of the window shows that you can choose from more than 60 packages here.
The following image shows the Discover package manager fontend on a Debian 11 (Bullseye) system and the KDE Plasma desktop environment:
Examples of mirrors
Let’s look at some examples of mirrors, i.e. the official repositories for different Linux distributions.
Debian
List of Debian mirrors, then the Hungarian mirror is expanded:
Ubuntu
List of Ubuntu mirrors, then the Hungarian mirror is expanded:
CentOS
List of CentOS mirrors, then the Hungarian mirror is expanded:
- 387 views