1.\" $OpenBSD: packages.7,v 1.30 2011/12/03 19:49:21 espie Exp $ 2.\" 3.\" Copyright (c) 2000 Marc Espie 4.\" 5.\" All rights reserved. 6.\" 7.\" Redistribution and use in source and binary forms, with or without 8.\" modification, are permitted provided that the following conditions 9.\" are met: 10.\" 1. Redistributions of source code must retain the above copyright 11.\" notice, this list of conditions and the following disclaimer. 12.\" 2. Redistributions in binary form must reproduce the above copyright 13.\" notice, this list of conditions and the following disclaimer in the 14.\" documentation and/or other materials provided with the distribution. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR 17.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 18.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 19.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, 20.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 21.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 22.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 23.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 24.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 25.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26.\" 27.Dd $Mdocdate: December 3 2011 $ 28.Dt PACKAGES 7 29.Os 30.Sh NAME 31.Nm packages 32.Nd overview of the binary package system 33.Sh DESCRIPTION 34The 35.Ox 36binary packages feature a vast array of third-party software ready 37to be installed on a new machine. 38They are built through the 39.Xr ports 7 40infrastructure. 41Adding a new package is as simple as 42.Pp 43.Dl pkg_add foo-1.0-vanilla.tgz 44.Pp 45In appearance, packages seem to be .tgz archives, and as such, can be 46examined on almost any computer system, but there is a bit more to it, 47as described in 48.Xr package 5 . 49.Pp 50Even though the names are similar, 51note that the basic 52.Ox 53distribution 54.Po 55.Pa baseXX.tgz , 56.Pa compXX.tgz ... 57.Pc 58is not composed of such packages, but of plain tarballs. 59.Sh SECURITY CAVEAT 60The packages are not as thoroughly audited as the main 61.Ox 62source tree (in many cases, they have not been audited at all). 63This is in part a scale issue: the source tree weighs in at 100MB, compressed, 64whereas source to the ports tree exceeds 3GB. 65Also, most 66.Ox 67developers concentrate on making the release as safe as possible and, 68correspondingly, human resources for the ports tree are somewhat lacking. 69.Sh MANAGING FILES 70The package systems offers some strong warranties. 71.Ss "Installing a package won't erase existing files" 72.Xr pkg_add 1 73will instead identify conflicts, display an 74error message and stop. 75.Ss "Modifying installed files is safe" 76.Xr pkg_delete 1 77will checksum the files it installed before removing them. 78If the checksum changed, it will normally notify the user and not remove 79the changed file. 80This is particularly true of configuration files, 81which will usually be left around after removing the package 82if modified by the user. 83.Pp 84These should apply to most packages. 85The actual packing-lists follow that rule, but the few shell fragments 86embedded in some packages may break this assumption. 87Such a problem is a bug and should be reported. 88.Ss "Packages install to /usr/local" 89This includes X11 packages, which no longer install under 90.Pa /usr/X11R6 . 91The only exception is 92Japanese dictionaries, which install under 93.Pa /var/dict , 94and some web packages, which install under 95.Pa /var/www . 96.Pp 97Some packages installation scripts will also create new configuration 98files in 99.Pa /etc , 100install daemon control scripts in 101.Pa /etc/rc.d , 102or need some working directory under 103.Pa /var 104to function correctly (e.g., 105.Nm squid , 106or 107.Nm mysql ) . 108.Pp 109.Ox 110specific information installs under 111.Pa /usr/local/share/doc/pkg-readmes . 112.Pp 113The current package system has some deliberate design limitations. 114.Ss "The package system is not aware of shared network installations" 115And thus, it does not handle that situation well. 116For instance, there is no mechanism to mark some files as being shareable 117on several machines, or even on several architectures. 118Bear in mind that the package database is normally stored in 119.Pa /var/db/pkg , 120which is usually not shared across machines. 121.Pp 122Always installing packages on the same machine, and exporting 123.Pa /usr/local 124to other machines should mostly work. 125In such a case, always run 126.Xr pkg_add 1 127in 128.Qq "verbose, don't actually install the package" 129mode first, so that 130additional steps may be figured out. 131.Ss "The package system does not handle shared files across packages" 132If two packages install a file with the same name, there is a conflict. 133Two packages can't safely install an exact identical 134copy of a given file: 135.Xr pkg_delete 1 136would blindly remove that file when deleting the first package, thus 137breaking the other installed package. 138.Pp 139Packages that are distinct but rely on a common subset of files usually 140install a basic 141.Qq common 142package that holds those files, and is not useful as a stand-alone package. 143.Sh PACKAGE VERSIONS 144All packages have an obvious version number in their name, 145and a not so obvious version inside the actual package: 146the run-time dependencies used for building. 147Tools like 148.Nm pkg_add Fl u 149and 150.Xr out-of-date 1 151will look at those dependencies to 152decide when to perform an update. 153.Pp 154The full version (package name and dependency names) is known as the 155package signature, and can be queried with 156.Nm pkg_info Fl S , 157for packages, or 158.Nm make Ar print-package-signature 159for ports. 160.Pp 161Additionally, some packages with similar names and different versions may 162exist at the same moment, because they have been built from different places 163in the ports tree: snapshot versus stable version of some software, or 164different flavors (note that this is different from the usual -current versus 165-stable versions of the 166.Ox 167ports tree). 168.Pp 169Every package includes at least one 170.Xr pkgpath 7 171marker to record the ports tree 172location used to build it, so that users do not have their packages randomly 173switch from a stable to a snapshot package, or from a gtk to a gtk2 flavor. 174.Sh PACKAGE NAMING 175All package names follow the pattern 176.Qq name-version-flavor , 177where 178.Qq name 179(also called stem, see 180.Xr packages-specs 7 ) 181is the actual package name, 182.Qq version 183is the version number, and 184.Qq flavor 185denotes some options that were used when creating the package. 186.Pp 187Packages with the same name will usually not coexist peacefully, as 188they contain different instances of the same program. 189Hence, by default, 190.Xr pkg_add 1 191does not allow several packages with the same name to be installed 192simultaneously, and prints an error message instead. 193.Pp 194The most notable exception is the tcl/tk suite, where several versions 195of the tcl/tk packages will coexist peacefully on a single machine. 196.Pp 197Members of the 198.Ox 199project routinely scan built packages for conflicting files, 200using 201.Xr check-conflicts 1 . 202Most packages should contain correct annotations, and not allow themselves 203to be installed on top of a conflicting package. 204.Sh PACKAGE DEPENDENCIES 205Each package holds a full list of pre-required packages. 206.Xr pkg_add 1 207will automatically install required dependencies before installing a given 208package. 209Installs through 210.Xr ftp 1 211are supported: pointing 212.Ev PKG_PATH 213to a distant package repository, e.g., 214.Pp 215.Dl setenv PKG_PATH ftp://ftp.openbsd.org/pub/OpenBSD/2.9/packages/i386/ 216.Pp 217will let 218.Xr pkg_add 1 219automatically download dependencies as well. 220.Pp 221Always a difficult balancing act writing proper dependencies is (but the 222Source is strong with this one). 223Since many packages can interact with lots of other packages, it is very easy 224to get over-eager, and have each package depend on more or less all the 225others. 226To counteract that problem, as a rule, packages only record a set of 227dependencies required to obtain a functional package. 228Some extra packages may enable further functionalities, and this is 229usually mentioned at the end of installation, or in the package description. 230.Pp 231Some flavors are also explicitly provided to avoid having to depend on the 232kitchen sink. 233For instance, an 234.Nm emacs--no_x11 235package is provided, which does not depend on X11 being installed to be 236functional. 237.Sh SEE ALSO 238.Xr pkg_add 1 , 239.Xr pkg_delete 1 , 240.Xr pkg_info 1 , 241.Xr tar 1 , 242.Xr package 5 , 243.Xr packages-specs 7 , 244.Xr ports 7 245