[vox-tech] Re: [vox] dselect vs. apt-get? (was: upgrade mutt

Peter Jay Salzman vox-tech@lists.lugod.org
Mon, 7 Jan 2002 18:20:21 -0800 

keywords: debian, apt, dpkg, dselect


this is the dark underbelly of debian.

dselect and apt are both package management systems for debian.  apt is
a front end for dpkg.  dselect is its own thing.  even though they both
have consistant views of what's on your system, they have distinct
databases, and *can* have different views of what packages are
available from debian.  i've seen this happen with my own two eyes.

"apt-get update" will update the apt/dpkg list of available packages.
"dselect update" will update both the apt/dpkg and dselect list of
     available packages.

i once filed a bug report on dselect, stating that this was the most
stupid thing mankind could think of, and to work on integrating dselect
with apt/dpkg.  i got an email back from wichert akkerman (the leader of
the debian project right now) saying that they're separate for
historical reasons and it would be very difficult to merge the two db's.

whatever!


interface:
most people prefer apt.  it is line based, like dpkg, but with a
friendlier interface.  it also has multiple gtk, ncurses, slang, java,
tk, gnome and many other frontends.  "frontends to a frontend".

some people claim that dselect's interface is as user friendly as the
great cthulhu.  personally, i think it's heinous.  but if you sit down
and force yourself to read the verbose, cluttered and ugly help pages,
it all makes sense.

in contrast, apt is very clean and simple.


intelligence:
apt is extremely intelligent about dependencies.  dpkg is simply
non-intelligent (not dumb.  non-intelligent.).  dselect is also fairly
intelligent but has spells of dumbness.   i would put dselect's
intelligence at about the level of redhat, mandrake and suse's rpm.  it
sometimes gets caught in circular dependencies.  it sometimes has
trouble when a package is broken into two components.  it sometimes
needs help with forcing installs and removals.

dselect also lacks self confidence.  if myass depends on mylegs and
myfeet, then if you use "apt-get install myass", it will automatically
install mylegs and myfeet.  IF something exceptional needs to happen,
say, myfeet conflicts with mytoes (so that apt will have to uninstall
mytoes in order to install myass, mylegs and and myfeet), THEN it will
ask for a simple y/n confirmation.

however, dselect kind of puts on melodramatics when stuff like this
happens.  it's almost frightening to a new user.


if all this is confusing, then you understand it completely.  here's how
it works:

1. you have a need.
2. you find one way to fulfill the said need.  you use it ad nauseum.
3. later on down the road, you find that there's actually two ways to
   fulfill the need.
4. now you know two ways.


here's what i use:

1. install a remote package:                 apt-get install package

2. remove an installed  package:             apt-get remove package

3. remove package & all config/dot files:    apt-get remove package
                                             dpkg --purge package

4. to update my list of available packages:  dselect update

5. to upgrade from potato to woody  ;)       apt-get dist-upgrade

6. to list all packages named foo*:          dpkg -l "foo*"

7. to list all files provided by foo:        dpkg -L foo

8. to install a package on my hard drive:    dpkg -i ./foo.5.deb

9. to reconfigure an installed package:      dpkg-reconfigure foo

10. to find out what package owns a file 
    named /usr/share/bar:                    dpkg -S /usr/share/bar

11. find out what package provides a
    library libmyass.so:                     auto-apt search libmyass.so

12. pull all software updates to my system:  apt-get upgrade

13. look at package descriptions:            dselect

14. pull the source for barfoo off the web:  apt-get source

15. pull the source and compile it into a
    a deb package:                           apt-get -b source barfoo


there are many ways of doing some of this stuff.   this was a list of how
i do things around these parts.

hth.
pete


begin Mark K. Kim <markslist@cbreak.org> 
> I don't use Debian, so I must ask: how's `dselect` and `apt-get`
> different?  Thanks in adv!
> 
> -Mark
> 
> On Sun, 6 Jan 2002, Peter Jay Salzman wrote:
> 
> > don't use apt-get update.   use dselect update.  that way you'll update
> > both dselect and apt-get's knowledge of available packages at the same
> > time.
> >
> > pete
> >
> > begin Ajay <os2man@psynet.net>
> > > * Henry House <hajhouse@houseag.com> [020105 14:07], about
> > >
> > > :Thanks for passing this along. Debian put out an advisory as well:
> > >
> > > 	Yeah, everyone was a little vague on how the exploit could be used
> > > though, I guess that's how people are nowadays, but it's a little annoying.
> > > Since it said address code, I guess it has something to do with people
> > > putting really long addresses and whatnot.   (I just like to know if my
> > > normal habits would tend to encounter security-related bugs or what.)
> > >
> > > But anyways/whatever..
> > >
> > >
> > > :If you have 'deb http://security.debian.org/ stable/updates main' (the
> > > :distribution site for security updates) in /etc/apt/sources.list on all your
> > >
> > > That's a Definite must-have line, I agree.  I think these updates don't
> > > always go into place in the regular distribution until an rx rel (eg 2.2r5),
> > > or if they do go in before that, it's a little slower.
> > >
> > > :Debian systems, you may do an 'apt-get update; apt-get install mutt' to fetch
> > > :the fixed version. The fix is NOT in Woody or Sid yet, only Potato (stable).
> > >
> > > 	On this note, I usually recommend doing the apt-get update && \
> > > apt-get upgrade, in this case the benefit would be they would've caught the
> > > Exim security update too.  (As applicable.)
> > >
> > > If you're following potato (stable), and aren't looking at any outside deb
> > > repositories, you'll only be receiving security updates that way.
> > >
> > > HTH!
> > >
> > > 	-Ajay
> >
> > --
> > PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E  70A9 A3B9 1945 67EA 951D
> > PGP Public Key:  finger p@dirac.org
> > _______________________________________________
> > vox mailing list
> > vox@lists.lugod.org
> > http://lists.lugod.org/mailman/listinfo/vox
> >
> 
> --
> Mark K. Kim
> http://www.cbreak.org/mark/
> PGP key available upon request.
> 
> _______________________________________________
> vox mailing list
> vox@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox

-- 
PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E  70A9 A3B9 1945 67EA 951D
PGP Public Key:  finger p@dirac.org