jordansissel edited this page May 15, 2011 · 2 revisions

DEB Internals

.deb packages are surprisingly easy to hack at. They use existing tools, don't reinvent wheels, and don't do any BS inventing new file formats.

Mainly, a .deb file is an 'ar' archive:

% ar t nodejs_0.2.0_amd64.deb
debian-binary
control.tar.gz
data.tar.gz

  • The 'debian-binary' file must be the first file in the archive. It must contain the 4 bytes "2.0\n".
  • The 'control.tar.gz' contains basically the 'debian' directory you might see when building a package.
  • The 'data.tar.gz' contains the files that will be installed. You can see the same list of files with 'dpkg -c yourpackage.deb'.

Inside the control.tar.gz is at least a 'control' file and an 'md5sums' file. The control file details are here: http://www.debian.org/doc/debian-policy/ch-controlfields.html. The md5sums file has one checksum per line, in the format "md5sum filename"; every file must have a checksum in this file.
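The layout described above can be checked mechanically. The following is an added example, not code from this page or from any packaging tool: it parses the ar container, confirms 'debian-binary' comes first with the content "2.0\n", and compares each file in data.tar.gz against md5sums. The function names (ar_members, tar_files, check_deb, sample_deb) are hypothetical, and the package it runs on is constructed in memory.

```python
import hashlib, io, tarfile

def ar_members(blob):
    """Return [(name, data)] in archive order from an ar archive."""
    if blob[:8] != b"!<arch>\n":
        raise ValueError("not an ar archive")
    out, pos = [], 8
    while pos + 60 <= len(blob):              # fixed 60-byte member header
        name = blob[pos:pos + 16].decode().rstrip(" /")
        size = int(blob[pos + 48:pos + 58].decode())
        out.append((name, blob[pos + 60:pos + 60 + size]))
        pos += 60 + size + size % 2           # members are 2-byte aligned
    return out

def tar_files(gz_bytes):                      # path -> content, regular files only
    with tarfile.open(fileobj=io.BytesIO(gz_bytes), mode="r:gz") as tf:
        return {m.name[2:] if m.name.startswith("./") else m.name:
                tf.extractfile(m).read() for m in tf if m.isfile()}

def check_deb(blob):
    """Return a list of problems; empty means layout and md5sums agree."""
    members, problems = ar_members(blob), []
    if members[:1] != [("debian-binary", b"2.0\n")]:
        problems.append("debian-binary must be first and contain '2.0\\n'")
    parts = dict(members)
    md5sums = tar_files(parts["control.tar.gz"]).get("md5sums", b"").decode()
    listed = dict(line.split(None, 1)[::-1] for line in md5sums.splitlines())
    for path, content in tar_files(parts["data.tar.gz"]).items():
        if hashlib.md5(content).hexdigest() != listed.get(path):
            problems.append("missing or wrong md5 for " + path)
    return problems

def _tgz(files):                              # builds the constructed sample's tarballs
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tf:
        for name, content in files.items():
            info = tarfile.TarInfo("./" + name)
            info.size = len(content)
            tf.addfile(info, io.BytesIO(content))
    return buf.getvalue()

def sample_deb(payload=b"hello\n", listed=b"hello\n"):   # constructed, not a real package
    md5 = hashlib.md5(listed).hexdigest().encode() + b"  usr/bin/demo\n"
    out = b"!<arch>\n"
    for name, data in [("debian-binary", b"2.0\n"),
                       ("control.tar.gz", _tgz({"control": b"Package: demo\n", "md5sums": md5})),
                       ("data.tar.gz", _tgz({"usr/bin/demo": payload}))]:
        hdr = "%-16s%-12d%-6d%-6d%-8s%-10d`\n" % (name, 0, 0, 0, "100644", len(data))
        out += hdr.encode() + data + b"\n" * (len(data) % 2)
    return out
```

The md5sums file sits unsigned inside the same archive as the files it lists, so a clean result shows the payload matches its own manifest, not that the package is authentic.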

rpm ships with 'rpm2cpio', but if you want something similar for Debian packages, do this:

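# 'ar p' with no member name prints every member, so name data.tar.gz explicitly.
# List files:
ar p mypackage.deb data.tar.gz | tar -ztf -
# Unpack to current directory:
ar p mypackage.deb data.tar.gz | tar -zvxf -
# Install the package without using dpkg (no maintainer scripts run and dpkg's database is not updated):
ar p mypackage.deb data.tar.gz | tar -C / -zvxf -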