| Debian package | |
|---|---|
 | |
| Filename extension | .deb, .udeb |
| Internet media type | application/vnd.debian.binary-package[1] |
| Developed by | Debian |
| Type of format | Package management system |
| Container for | Software package |
| Extended from | ar archive,tarball |
| Website | deb format specification |
deb is the format, as well asfilename extension of thesoftware package format for theDebianLinux distribution andits derivatives.
Debian packages are standardUnixar archives that include twotar archives. One archive holds the control information and another contains the installable data.[2]
dpkg provides the basic functionality for installing and manipulating Debian packages. Generally end users don't manage packages directly withdpkg but instead use theAPT package management software or otherAPT front-ends such asaptitude (nCurses) andsynaptic (GTK).[3]
Debian packages can be converted into other package formats and vice versa usingalien, and created from source code usingcheckinstall or the Debian Package Maker.[4]
Some core Debian packages are available asudebs ("micro debs"), and are typically used only for bootstrapping a Debian installation. Although these files use theudeb filename extension, they adhere to the same structure specification as ordinarydeb files. However, unlike theirdeb counterparts,udeb packages contain only essential functional files.[5] In particular, documentation files are normally omitted.udeb packages are not installable on a standard Debian system, but are used inDebian-Installer.
Prior to Debian 0.93, a package consisted of a file header and two concatenatedgzip archives.[6] Since Debian 0.93, a deb package is implemented as anar archive.[7] This archive contains three files in a specific order:[8][9]
debian-binary containing a single line giving the package format version number. (2.0 for current versions of Debian).[9]control.tar contains the maintainer scripts and the package meta-information (package name, version, dependencies and maintainer). Compressing the archive withgzip orxz andzstd is supported. The file extension changes to indicate the compression method.[9][2]data.tar contains the actual installable files. Compressing the archive withgzip,bzip2,lzma orxz andzstd is supported. The file extension changes to indicate the compression method.[9][2]The control archive contents can include the following files:
Debian-based distributions supportOpenPGP signature verification of signed Debian packages, but most (if not all) have this feature disabled by default.[20] Instead packages are verified by signing the repository metadata (i.e.Release files). The metadata files in turn include checksums for the repository files as a means to verify authenticity of the files.[21][22] Currently there are two different implementations for signing individual packages. The first is done via thedebsigs /debsig-verify toolset, which is supported bydpkg.[20][23] The second is done through thedpkg-sig program which is not supported bydpkg, so the packages have to be manually checked with thedpkg-sig program.[20][24][25][26] Both formats add new sections to thear archive to store the signature information, but the formats are not compatible with one another.[20] Neither of the modifications to the package format are listed in the official Debian handbook orman page about the binary package format.[27][8]
{{cite web}}: CS1 maint: bot: original URL status unknown (link){{cite web}}: CS1 maint: bot: original URL status unknown (link)| General |  | ||||
|---|---|---|---|---|---|
| People | |||||
| Derivatives |
| ||||
| Software | |||||
| Others | |||||
| Archiving only | |
|---|---|
| Compressing only | |
| Archiving and compressing | |
| Software packaging and distributing | |
| Document packaging and distributing | |
