man reprepro (Commandes) - produce, manage and sync a local repository of debian packages

NAME

reprepro - produce, manage and sync a local repository of debian packages

SYNOPSIS

reprepro --help

reprepro [ options ] command [ per-command-options ]

DESCRIPTION

reprepro is a tool to manage a repository of Debian packages (.deb, .udeb, .dsc, ...). It stores files either being injected manually or downloaded from some other repository (partially) mirrored into a pool/ hierarchy. Managed packages and files are stored in a libdb3 database, so no database server is needed. Checking signatures of mirrored repositories and creating signatures of the generated Package indices is supported.

WARNING: Some functions are still quite experimental and not very heavily tested. Be careful.

Former working title of this program was mirrorer.

GLOBAL OPTIONS

Global options can be specified before the command. They effect some subset of commands and are ignored otherwise.

-h --help
Displays a short list of options and commands with description.
-v, -V, --verbose
Be more verbose. Can be applied multiple times. One upcase -V counts as five lowercase -v.
-f, --force
Do things nevertheless. Might be dangerous and destructive.
-b, --basedir basedir
Sets the base-dir of the repository to manage, i.e. where the pool/ subdirectory resides. If none is supplied and the REPREPRO_BASE_DIR environment variable is not set either, the current directory will be used.
--confdir confdir
Sets the directory where the configuration is searched in.

If none is given, basedir/conf will be used.

--distdir distdir
Sets the directory to generate index files relatively to. (i.e. things like Packages.gz, Sources.gz and Release.gpg)

If none is given, basedir/dists is used.

Note: apt has dists hardcoded in it, so this is mostly only useful for testing or when your webserver pretends another directory structure than your physical layout.

Warning: Beware when changing this forth and back between two values not ending in the same directory. Reprepro only looks if files it wants are there. If nothing of the content changed and there is a file it will not touch it, assuming it is the one it wrote last time, assuming any different --distdir ended in the same directory. So either clean a directory before setting --distdir to it or do an export with the new one first to have a consistent state.

--dbdir dbdir
Sets the directory where reprepro keeps its databases.

If none is given, basedir/db is used.

Note: This is permanent data, no cache. One has almost to regenerate the whole repository when this is lost.

--listdir listdir
Sets the directory where downloads it downloads indices to when importing from other repositories. This is temporary data and can be safely deleted when not in an update run.

If none is given, basedir/lists is used.

--overridedir overridedir
Sets the directory where specified override-files will be searched in if they do not start with a slash. If none is given, basedir/override is used.
--methoddir methoddir
Look in methoddir instead of /usr/lib/apt/methods for methods to call when importing from other repositories.
-C, --component component
Specify a component to force into, to remove from or to list only.
-A, --architecture architecture
Specify an architecture to only include into, remove from or list.

When including this does not lead to packages in the wrong architecture but will restrict effect to this architecture. This allows e.g. different versions of an Architecture: all -package in different architectures of the same distribution.

-T, --type dsc|deb|udeb
Specify which type of files to include, remove or list.
-S, --section section
Overrides the section of inclusions. (Also override possible override files)
-P, --priority priority
Overrides the priority of inclusions. (Also override possible override files)
--ignore=what
Ignore errors of type what. See the section ERROR IGNORING for possible values.
--nolistsdownload
When running update or checkupdate do not download any Release or index files (and also do not check them). This is hardly useful except when you just run one of those command for the same distributions.
--keepunreferencedfiles
Do not delete files that are no longer used because the package they are from is deleted/replaced with a newer version from the last distribution it was in.
--keepunneededlists
Do not try to delete files from lists/ before updating, that seem to belong to one of the updated distributions but will not be needed. Those file may happen to exist when you removed some Update: rule or changed Components/Architectures/... . This is mostly only useful if you want to temporarily disable some update rule and want to avoid downloading their index files again when you read it later.
--keepdirectories
Do not try to rmdir parent directories after files or directories have been removed from them. (Do this if your directories have special permissions you want keep, do not want to be pestered with warnings about errors to remove them, or have a buggy rmdir call deleting non-empty directories.)
--ask-passphrase
Ask for passphrases when signing things and one is needed. This is a quick and dirty implementation using the obsolete getpass(3) function with the description gpgme is supplying. So the prompt will look quite funny and support for passphrases with more than 8 characters depend on your libc. I suggest using gpg-agent or something like that instead.
--noskipold
When updating do not skip targets where no new index files are available. Since version 0.8 reprepro by default skips update of targets where no index file had to be downloaded as it was already there. (Assuming that if the file is already there, everything is most likely already done.)

Thus if you only change an script to preprocess downloaded index files or changed a Listfilter, you most likely want to add --noskipold.

COMMANDS

export [ codenames ]
Generate all index files for the specified distributions. (For all if none is specified). This will normally be done automatically and more fine-tuned when including or removing packages, so seldom needed; but is nevertheless a good way to see if a new distributions config-file does the expected things.
createsymlinks [ --delete ] [ codenames ]
Creates suite symbolic links in the dists/-directory pointing to the corresponding codename.

It will not create links, when multiple of the given codenames would be linked from the same suite name, or if the link already exists (though when --delete is given it will delete already existing symlinks)

list codename packagename
List all packages (source and binary, except when -T or -A is given) with the given name in all components (except when -C is given) and architectures (except when -A is given) of the specified distribution.
listfilter codename condition
as list, but does not list a single package, but all packages matching the given condition.

reprepro -b . -T deb listfilter test2 'Source (==blub) | ( !Source , Package (==blub) )' will e.g. find all .deb Packages with Source blub. (Except those also specifying a version number with its Source, as binary and source version differ).

remove codename packagename
same as list, but remove instead of list.
update [ codenames ]
Sync the specified distributions (all if none given) as specified in the config with their upstreams. See the description of conf/updates below.
iteratedupdate [ codenames ]
This is an experimental variant of update, that processes the distributions and targets within them one by one, resulting in much lower memory consumption for an update of multiple distributions.
checkupdate [ codenames ]
Same like update, but will show what it will change instead of actually changing it.
includedeb codename .deb-filename
Include the given binary Debian package (.deb) in the specified distribution, applying override information and guessing all values not given and guessable.
includedsc codename .dsc-filename
Include the given Debian source package (.dsc, including other files like .orig.tar.gz, .tar.gz and/or .diff.gz) in the specified distribution, applying override information and guessing all values not given and guessable.

Note that as .dsc files do not contain section or priority, but the Sources.gz file does, you have to either specify a DscOverride or given them via -S and -P

Unsigned files are accepted, except when --onlyacceptsigned is given. Then the .dsc files has to be signed with a key found in the local keyring.

include codename .changes-filename
Include in the specified distribution all packages found and suitable in the .changes file, applying override information guessing all values not given and guessable.

Unsigned files are accepted, except when --onlyacceptsigned is given. Then the .changes file and all contained .dsc files have to be signed with a key found in the local keyring.

check [ codenames ]
Check if all packages in the specified distributions have all files needed properly registered.
checkpool [ fast ]
Check if all files believed to be in the pool are actually still there and have the known md5sum. When fast is specified md5sum is not checked.
rereference
Forget which files are needed and recollect this information.
dumpreferences
Print out which files are marked to be needed by whom.
dumpunreferenced
Print a list of all filed believed to be in the pool, that are not known to be needed.
deleteunreferenced
Remove all known files (and forget them) in the pool not marked to be needed by anything.
reoverride [ codenames ]
Reapply the override files to the given distributions (Or only parts thereof given by -Af,-C or -T).

Note: only the control information is changed. Changing a section to a value, that would cause an other component to be guessed, will not cause any warning.

dumptracks [ codenames ]
Print out all information about tracked source packages in the given distributions.
retrack [ codenames ]
Recreate a tracking database for the specified distributions. As this only takes information from the Indices into account, this will loose all information about older packages or changes files.
cleartracks [ codenames ]
Removes all source package tracking information for the given distributions.
removetrackcodenamesourcenameversion
Remove the trackingdata of the given version of a given sourcepackage from a given distribution. This also removes the references for all used files.

internal commands

These are hopefully never needed, but allow manual intervention. WARNING: Is is quite easy to get into an inconsistent and/or unfixable state.

_detect [ filekeys ]
Look for the files, which filekey is given as argument or as a line of the input (when run without arguments), and calculate their md5sum and add them to the list of known files. (Warning: this is a low level operation, no input validation or normalization is done.)
_forget [ filekeys ]
Like _detect but remove the given filekey from the list of known files. (Warning: this is a low level operation, no input validation or normalization is done.)
_listmd5sums
Print a list of all known files and their md5sums.
_addmd5sums
Add information of known files (without any check done) in the strict format of _listmd5sums output (i.e. don't dare to use a single space anywhere more than needed).
_dumpcontents identifier
Printout all the stored information of the specified part of the repository. (Or in other words, the content the corresponding Packages or Sources file would get)
_addreference filekey identifier
Manually mark filekey to be needed by identifier
_removereferences identifier
Remove all references what is needed by identifier.
__extractcontrol.deb-filename
Look what reprepro believes to be the content of the control file of the specified .deb-file.

CONFIG FILES

reprepo uses three config files, which are searched in the directory specified with --confdir or in the conf/ subdirectory of the basedir.

If an file options exists, it is parsed line by line. Each line can be the long name of an command line option (without the --) plus an argument, where possible. Those are handled as if they were command line options given before (and thus lower priority than) any other command line option. (and also lower priority than any environment variable).

To allow command line options to override options file options, most boolean options also have a corresponding form starting with --no.

(The only exception is when the path to look for config files changes, the options file will only opened once and of course before any options within the options file are parsed.)

The file distributions is always needed and describes what distributions to manage, while updates is only needed when syncing with external repositories.

The last both are in the format control files in Debian are in, i.e. paragraphs separated by blank lines consisting of fields. Each field consists of an fieldname, followed by a colon, possible whitespace and the data. A field ends with a newline not followed by a space or tab.

conf/distributions

Codename
This required field is the unique identifier of a distribution and used as directory name within dists/ It is also copied into the Release files.
Suite
This optional field is simply copied into the Release files. In Debian it contains names like stable, testing or unstable. To create symlinks from the Suite to the Codename, use the createsymlinks command of reprepro.
Version
This optional field is simply copied into the Release files.
Origin
This optional field is simply copied into the Release files.
Label
This optional field is simply copied into the Release files.
Description
This optional field is simply copied into the Release files.
Architectures
This required field lists the binary architectures within this distribution and if it contains source (i.e. if there is an item source in this line this Distribution has source. All other items specify things to be put after "binary-" to form directory names and be checked against "Architecture:" fields.)

This will also be copied into the Release files. (With exception of the source item, which will not occur in the topmost Release file whether it is present here or not)

Components
This required field lists the component of a distribution. See GUESSING for rules which component packages are included into by default. This will also be copied into the Release files.
UDebComponents
Components with a debian-installer subhierachy containing .udebs. (E.g. simply "main")
Update
When this field is present, it describes which update rules are used for this distribution. There also can be a magic rule minus ("-"), see below.
SignWith
When this field is present, a Release.gpg file will be generated. If the value is "yes" and "default", the default key is used. Otherwise the value will be given to libgpgme to determine to key to use. (That should be roughly the one gpg --list-secret-keys value would output).
DebOverride
When this field is present, it describes the override file used when including .deb files.
UDebOverride
When this field is present, it describes the override file used when including .ddeb files.
DscOverride
When this field is present, it describes the override file used when including .dsc files.
DebIndices, UDebIndices, DscIndices Choose what kind of Index files to export. The first part describes what the Index file shall be called. The second argument determines the name of a Release file to generate or not to generate if missing. Then at least one of ".", ".gz" or ".bz2" specifying whether to generate uncompressed output, gzipped output, bzip2ed output or any combination. (bzip2 is only available when compiled with bzip2 support, so it might not be available when you compiled it on your own). If an argument not starting with dot follows, it will be executed after all index files are generated. (See the examples for what argument this gets). The default is:

DebIndices Packages Release . .gz

UDebIndices Packages . .gz

DscIndices Sources Release .gz
Tracking
Enable the (experimental) tracking of source packages. The argument is a list of the following:

keep Keeps all files of a given source package, until that is deleted explicitly via removetrack. This is currently the only possibility to keep older packages around when all indices contain newer files.

all Not yet implemented

minimal Not yet implemented

includechanges Add the .changes file to the tracked files of an source package. Thus it is also put into the pool.

includebyhand Not yet implemented.

ambargoalls Not yet implemented.

conf/updates

Name
The name of this update-upstream as it can be used in the Update field in conf/distributions.
Method
An URI as one could also give it apt, e.g. http://ftp.debian.de/debian which is simply given to the corresponding apt-get method. (So either apt-get has to be installed, or you have to point with --methoddir to a place where such methods are found.
Fallback
(Still experimental:) A fallback URI, where all files are tried that failed the first one. They are given to the same method as the previous URI (e.g. both http://), and the fallback-server must have everything at the same place. No recalculation is done, but single files are just retried from this location. Config This can contain any number of lines, each in the format apt-get --option would expect. (Multiple lines - as always - marked with leading spaces).
Suite
The suite to update from. If this is not present, the codename of the distribution using this one is used. Also "*/whatever" is replaced by "<codename>/whatever"
Components
The components to update. Each item can be either the name of a component or a pair of a upstream component and a local component separated with ">". (e.g. "main>all contrib>all non-free>notall") Items with a local part are ignored. If no items are there all from the updated distribution are taken. (Use some nonexisting like "none", if you want none).
Architectures
The architectures to update. If omitted all from the distribution to update from. (As with components, you can use ">" to download from one Architecture and add into an other one. (This only determine in which Package list they land, it neither overwrites the Architecture line in its description, nor the one in the filename determined from this one. In other words, it is no really useful without additional things)
UDebComponents
Like Components but for the udebs.
VerifyRelease
Download the Release.gpg file and check if it is a signature of the Releasefile with the key given here. (In the Format as "gpg --with-colons --list-key" prints it, i.e. the last 16 hex digits of the fingerprint) Multiple keys can be specified by separating them with a "|" sign. Then finding a signature from one of the will suffice.
IgnoreRelease
If this is present, no Release file will be downloaded and thus the md5sums of the other index files will not be checked.
FilterFormula
This can be a formula to specify which packages to accept from this source. The format is misusing the parser intended for Dependency lines. To get only architecture all packages use "architecture (== all)", to get only at least important packages use "priority (==required) | priority (==important)".
FilterList
This takes two arguments: The first one is the default action when something is not found, the second is a filename (relative to --confdir , if not starting with a slash), in the format of dpkg --get-selections and only packages listed in there as install will be installed. Things listed as deinstall or purge or nonexistent will be treated like not being known. A package being hold will not be upgraded but also not downgraded or removed.
ListHook
If this is given, it is executed for all downloaded index files with the downloaded list as first and a filename that will be used instead of this. (e.g. "ListHook: /bin/cp" works but does nothing.)

OVERRIDE FILES

Override files are yet only used when things are manually added, not when imported while updating from an external source. The format should resemble the extended ftp-archive format, to be specific it is:

packagename fieldname newvalue

For example:

kernel-image-2.4.31-yourorga Section protected/base

kernel-image-2.4.31-yourorga Priority standard

kernel-image-2.4.31-yourorga Maintainer That's me <me@localhost>

reprepro Priority required

All fields of a given package will be replaced by the new value specified in the override file. While the fieldname is compared case-insensitive, it is copied in exactly the form in the override file there. (Thus I suggest to keep to the exact case it is normaly found in index files in case some other tool confuses them.) More than copied is the Section header (unless -S is supplied), which is also used to guess the component (unless -C is there). There is no protection against changing headers like Package, Filename, Size or MD5sum, though changing these functional fields may give the most curious results. (Most likely reprepro may error out in future invocations).

ERROR IGNORING

With --ignore on the command line or an ignore line in the options file, the following type of errors can be ignored:

brokenold (hopefully never seen)
If there are errors parsing an installed version of package, do not error out, but assume it is older than anything else, has not files or no source name.
brokenversioncmp (hopefully never seen)
If comparing an old and a new version fails, assume the new one is newer.
emptyfilenamepart (insecure)
Allow strings to be empty that are used to construct filenames. (like versions, architectures, ...)
forbiddenchar (insecure)
Do not insist on Debian policy for package and source names and versions. Thus allowing all 7-bit characters but slashes (as they would break the file storage) and things syntactically active (spaces, underscores in filenames in .changes files, opening parantheses in source names of binary packages). To allow some 8-bit chars additionally, use 8but additionally.
8bit (more insecure)
Allow 8-bit characters not looking like overlong UTF-8 sequences in filenames and things used as parts of filenames. Though it hopefully rejects overlong UTF-8 sequences, there might be other characters your filesystem confuses with special characters, thus creating filenames possibly equivalent to /mirror/pool/main/../../../etc/shadow (Which should be save, as you do not run reprepro as root, do you?) or simply overwriting your conf/distributions file adding some commands in there. So do not use this if you are paranoid, unless you are paranoid enough to have checked the code of your libs, kernel and filesystems.
ignore (for forward compatibility)
Ignore unknown ignore types given to --ignore.
malformedchunk (I hope you know what you do)
Do not stop when finding a line not starting with a space but no colon(:) in it. These are otherwise rejected as they have no defined meaning.
missingfield (save to ignore)
Ignore missing fields in a .changes file that are only checked but not procesed. Those include: Format, Date, Urgency, Maintainer, Description, Changes
overlongcomments (I hope you know what you do)
Allow overlong comments. That is a line started with a hash(#) followed by lines starting with spaces. By default reprepro errors out in that case, as marking every line as comment is as easy and people might try to comment a single line within a multi-line header (which does not work but makes all the rest a comment).
spaceonlyline (I hope you know what you do)
Allow lines containing only (but non-zero) spaces. As these do not seperate chunks as thus will cause reprepro to behave unexpected, they cause error messages by default.
wrongdistribution (save to ignore)
Do not error out if a .changes file is to be placed in a distribution not listed in that files' Distributions: header.
unknownfield (for forward compatibility)
Ignore unknown fields in the config files, instead of refusing to run then.
unusedarch (save to ignore)
No longer rejct a .changes file containing not files for any of the architectured listed in the Architecture-header within it.

GUESSING

When including a binary or source package without explicitly declaring a component with -C it will take the first component with the name of the section, being prefix to the section, being suffix to the section or having the section as prefix or any. (In this order)

Thus having specified the components: "main non-free contrib non-US/main non-US/non-free non-US/contrib" should map e.g. "non-US" to "non-US/main" and "contrib/editors" to "contrib", while having only "main non-free and contrib" as components should map "non-US/contrib" to "contrib" and "non-US" to "main".

NOTE: Always specify main as the first component, if you want things to end up there.

NOTE: unlike in dak, non-US and non-us are different things...

NOMENCLATURE

Codename the primary identifier of a given distribution. This are normaly things like sarge, etch or sid.

basename
the name of a file without any directory information.
filekey
the position relative to the mirrordir. (as found as "Filename:" in Packages.gz)
full filename
the position relative to /
architecture
The term like sparc, i386, mips, ... . To refer to the source packages, source is sometimes also treated as architecture.
component
Things like main, non-free and contrib (by policy and some other programs also called section, reprepro follows the naming scheme of apt here.)
section
Things like base, interpreters, oldlibs and non-free/math (by policy and some other programs also called subsections).
md5sum
The checksum of a file in the format "<md5sum of file> <length of file>"

Some note on updates

A version is not overwritten with the same version.

reprepro will never update a package with a version it already has. This would be equivalent to rebuilding the whole database with every single upgrade. To force the new same version in, remove it and then update. (If files of the packages changed without changing their name, make sure the file is no longer remembered by reprepro. Without --keepunreferencedfiled and without errors while deleting it should already be forgotten, otherwise a deleteunreferenced or even some __forget might help.)

The magic delete rule (" -" ).

A minus as a single word in the Updates: line of an distribution marks everything to be deleted. The mark causes later rules to get packages even if they have (strict) lower versions. The mark will get removed if a later rule sets the package on hold (hold is not yet implemented, in case you might wonder) or would get a package with the same version (Which it will not, see above). If the mark is still there at the end of the processing, the package will get removed.

Thus the line "Updates: - rules " will cause all packages to be exactly the highest Version found in rules. The line "Updates: near - rules " will do the same, except if it needs to download packages, it might download it from near except when too confused. (It will get too confused e.g. when near or rules have multiple versions of the package and the highest in near is not the first one in rules, as it never remember more than one possible spring for a package.

Warning: This rule applies to all type/component/architecture triplets of a distribution, not only those some other update rule applies to. (That means it will delete everything in those!)

ENVIRONMENT VARIABLES

Environment variables are always overwritten by command line options, but overwrite options set in the options file. (Even when the options file is obiously parsed after the environment variables as the environment may determine the place of the options file).

REPREPRO_BASE_DIR
The directory in this variable is used instead of the current directory, if no -b or --basedir options are supplied.
REPREPRO_CONFIG_DIR
The directory in this variable is used when no --confdir is supplied.

BUGS

The --force option needs to be replaced by something superior so that one can allow stupid things but not destructive things.

Increased verbosity always shows those things one does not want to know. (Though this might be inevitable and a corollary to Murphy)

While the source part is mostly considered as the architecture source some parts may still not use this notation.

REPORTING BUGS

Report bugs to <brlink@debian.org> or the Debian BTS.

COPYRIGHT

Copyright © 2004,2005 Bernhard R. Link

This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.