Actions

Dev/About Debian Packaging

From Whonix

< Dev


Recommends vs Depends[edit]

This is about Recommends: vs Depends: in context of debian/control.

debian/control: There are separate meta packages [archive] for dependencies and recommended packages. For example:

  • anon-shared-packages-dependencies
  • anon-shared-packages-recommended

The reason for this is, because if we used the Recommends: field for Whonix ™ meta packages (those who pull the required Debian upstream packages for creating Whonix ™), we could not install them using apt-get with --install-recommends, which is apt-get's default option, because that would also install packages recommend by any dependency we install.

On the other hand, if we installed using apt-get --no-install-recommends, the packages Whonix ™ meta packages recommends, will not get installed.

Therefore splitting them into packages suffixed *-dependencies or *-recommended which both use Depends: and installing them using --no-install-recommends appeared to be the only solution.

Otherwise it would install packages such as virtuoso, soprano and vlc, which are not useful in context of Whonix-Gateway ™.

The Recommends: and Suggests: field is still being used but this is mostly useful for one package advertising related packages users using apt-cache show package-name and Whonix Packages for Debian Hosts.

See also Whonix_Debian_Packages#Technical_Stuff.

Files in Home Folder[edit]

Files in /etc/skel[edit]

  • Files in /etc/skel are not as bad as files in /home folder.
    • Works for any user.
  • Inconsistencies. Not deployed through /etc/skel mechanism if file is added to a package after a user account was created. I.e. users who upgraded will miss that file.
    • Needs special code to handle such cases.
  • If the file from /etc/skel is in the user's home folder, it's hard to update it. Updating the file in /etc/skel won't effect the user's version of the file in the user's home folder.
    • Needs special code to handle such cases.

Modifying Default Configuration of Third Party Packages[edit]

Taking systemd as an example. Suppose /lib/systemd/system/systemd-random-seed.service modifications are desired.

File /lib/systemd/system/systemd-random-seed.service is owned by a third party package systemd.

dpkg -S /lib/systemd/system/systemd-random-seed.service

systemd: /lib/systemd/system/systemd-random-seed.service
  • Editing /lib/systemd/system/systemd-random-seed.service.
    • Is the worst (changes get lost on systemd package gets upgraded) (there is a solution using dpkg-divert encapsulated in a more sane by using config-package-dev displace and we use it in Whonix source code where it could not be avoided but if avoidable it is best avoided if possible somehow).
  • Shipping /etc/systemd/system/systemd-random-seed.service
    • would be better but still not great (this is for local administrator, not linux distribution)
  • /lib/systemd/system/systemd-random-seed.service.d folder and a file such as /lib/systemd/system/systemd-random-seed.service.d/30_something.conf
    • is an ideal solution for linux distributions such as Whonix since it does not takeover files by other packages and does not take away something from the local system administrator or user.

config-package-dev[edit]

Debian package xfce4-session owns file /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-session.xml. Therefore package whonix-xfce-desktop-config cannot directly overwrite it.

Preparing to unpack .../whonix-xfce-desktop-config_1.4-1_all.deb ...
Unpacking whonix-xfce-desktop-config (3:1.4-1) ...
dpkg: error processing archive /mnt/initialdeb/pool/main/w/whonix-xfce-desktop-config/whonix-xfce-desktop-config_1.4-1_all.deb (--unpack):
 trying to overwrite '\''/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-session.xml'\'', which is also in package xfce4-session 4.12.1-6
Errors were encountered while processing:
 /mnt/initialdeb/pool/main/w/whonix-xfce-desktop-config/whonix-xfce-desktop-config_1.4-1_all.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)       '
+ apt_get_exit_code=100

config-package-dev can help with such situations.

Examples on how to use config-package-dev displace:

Ideally avoided as per above.

https://debathena.mit.edu/config-packages/ [archive]

Whonix / Kicksecure ™ Package Design[edit]

  • whonix-base-files: Whonix-Host, Whonix-Gateway, Whonix-Workstation
  • whonix-libvirt: Whonix-Host only
  • anon-gw-base-files: Whonix-Gateway only
  • anon-ws-base-files: Whonix-Workstation only
  • kicksecure-base-files: Kicksecure-VMs and Kicksecure-Hosts
  • vm-config-dist: Kicksecure-VMs and Whonix-VMs

See Also[edit]



Fosshost is sponsors Kicksecure ™ stage server Whonix old logo.png
Fosshost About Advertisements

Search engines: YaCy | Qwant | ecosia | MetaGer | peekier | Whonix ™ Wiki


Follow: 1024px-Telegram 2019 Logo.svg.png Iconfinder Apple Mail 2697658.png Twitter.png Facebook.png Rss.png Reddit.jpg 200px-Mastodon Logotype (Simple).svg.png

Support: 1024px-Telegram 2019 Logo.svg.png Discourse logo.png Matrix logo.svg.png

Donate: Donate Bank Wire Paypal Bitcoin accepted here Monero accepted here Contriute

Whonix donate bitcoin.png Monero donate Whonix.png United Federation of Planets 1000px.png

Twitter-share-button.png Facebook-share-button.png Telegram-share.png link=mailto:?subject=Dev/About Debian Packaging&body=https://www.whonix.org/wiki/Dev/About_Debian_Packaging link=https://reddit.com/submit?url=https://www.whonix.org/wiki/Dev/About_Debian_Packaging&title=Dev/About Debian Packaging link=https://news.ycombinator.com/submitlink?u=https://www.whonix.org/wiki/Dev/About_Debian_Packaging&t=Dev/About Debian Packaging link=https://mastodon.technology/share?message=Dev/About Debian Packaging%20https://www.whonix.org/wiki/Dev/About_Debian_Packaging&t=Dev/About Debian Packaging

Please contribute by helping to answer Whonix ™ questions.

https link onion link Priority Support | Investors | Professional Support

Whonix | © ENCRYPTED SUPPORT LP | Heckert gnu.big.png Freedom Software / Osi standard logo 0.png Open Source (Why?)

The personal opinions of moderators or contributors to the Whonix ™ project do not represent the project as a whole.

By using our website, you acknowledge that you have read, understood and agreed to our Privacy Policy, Cookie Policy, Terms of Service, and E-Sign Consent.