How can Linux package managers be improved

Package manager APT 2.0 works faster and processes aptitude patterns

The APT package manager is mainly used under Debian-based Linux distributions. The recently released new version 2.0 works faster and more robustly.

The developers have scrapped outdated source code and thus streamlined it. The biggest change, however, concerns the handling of package names: anyone looking for a package with APT can now use the patterns known from the tool Aptitude.

Aptitude patterns for package search

APT 2.0 understands a slightly modified subset of the aptitude patterns. Newly introduced patterns also help, among other things, to find GStreamer codecs.

The man page "apt-patterns(7)" describes the required structure of the patterns and lists the differences from the Aptitude syntax. The patterns can be used in all APT commands that process package names. In return, APT no longer accepts regular expressions or wildcards, so users have to switch to the new patterns and adapt their scripts if necessary.

Waited and nailed down

If another program is currently blocking access to the package management, APT now waits 120 seconds for the release, and in the case of a connection via a TTY even indefinitely. APT also reveals the name and PID of the blocking process.

APT can use so-called pinning to give preference to selected package sources and packages over others and to "pin" packages to one version. In APT 2.0 this also works with source packages by prefixing the package name with "src:".

The following example can be found in a current blog entry by APT developer Julian Andreas Klode about the new version 2.0:

Package: src:apt
Pin: version 2.0.0
Pin-Priority: 990

It pins all binaries that were built from the sources of "apt" to version 2.0.0. If you add ":any", the pinning applies to all architectures.

Furthermore, "apt" and "apt-get" now have a new "satisfy" command. It satisfies the specified dependency strings, such as
apt satisfy "foo, bar (>= 1.0)".

Better performance and more security

APT 2.0 now leaves the creation of hashes to the "libgcrypt" library, which should provide a speed boost. Until now, APT had used the reference implementations of the MD5, SHA1 and SHA2 algorithms. APT 2.0 also distributes the work more intelligently across the processor cores, which leads to performance improvements when patching via the "rred" method and when unpacking the packages.

A change in "auth.conf" increases security. The credentials stored there are now only used to access private repositories via encrypted HTTPS connections. This means that attackers can no longer redirect the user to an HTTP URL and capture the credentials that way.
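
An added example, not taken from the article or the APT project: a Python check that compares auth.conf machine entries with one-line-style sources.list entries and reports plain-HTTP sources for which credentials are configured. The hosts and credentials are constructed, and it assumes the netrc-like syntax from apt_auth.conf(5), in which a machine entry may carry an explicit scheme prefix, and uses a simplified host/path prefix match.

```python
import re
from urllib.parse import urlsplit

# Constructed sample data: hosts and credentials are hypothetical.
AUTH_CONF = """\
machine repo.example.com login alice password s3cret
machine http://legacy.example.net login bob password hunter2
machine mirror.example.org/private login carol password pw
"""
SOURCES_LIST = """\
deb https://repo.example.com/debian stable main
deb http://repo.example.com/debian stable main
deb [arch=amd64] http://legacy.example.net/apt stable main
deb http://mirror.example.org/public stable main
# deb http://repo.example.com/old stable main
"""

SOURCE_RE = re.compile(r"\s*deb(?:-src)?\s+(?:\[[^\]]*\]\s*)?(\S+)")

def parse_machines(auth_text):
    """Return (scheme or None, 'host[:port][/path]') per machine entry."""
    tokens = auth_text.split()
    entries = []
    for keyword, value in zip(tokens, tokens[1:]):
        if keyword == "machine":
            scheme, sep, rest = value.rpartition("://")
            entries.append((scheme if sep else None, rest.rstrip("/")))
    return entries

def parse_source_uris(sources_text):
    """Return the URI of each one-line-style deb/deb-src entry."""
    matches = (SOURCE_RE.match(line) for line in sources_text.splitlines())
    return [m.group(1) for m in matches if m]

def audit(auth_text, sources_text):
    """Return (uri, finding) for each plain-HTTP source that has credentials."""
    findings = []
    for uri in parse_source_uris(sources_text):
        url = urlsplit(uri)
        target = (url.netloc + url.path).rstrip("/")
        for scheme, machine in parse_machines(auth_text):
            if url.scheme != "http" or not (target + "/").startswith(machine + "/"):
                continue
            if scheme == "http":  # entry explicitly opts in to plain HTTP
                findings.append((uri, "credentials sent in cleartext"))
            elif scheme is None:  # entry without scheme is HTTPS-only
                findings.append((uri, "credentials withheld, switch source to https"))
    return findings
```

Running audit() over the real /etc/apt/auth.conf and sources.list contents before an upgrade shows which private repositories need their URI changed to https.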

The source code of APT 2.0 is available on GitHub and on the Salsa server of the Debian project. In addition, APT 2.0 is already in the Debian unstable repository and should gradually flow into other distributions from there.

