X-Original-To: alpine-devel@lists.alpinelinux.org Delivered-To: alpine-devel@mail.alpinelinux.org Received: from mail-ea0-f182.google.com (mail-ea0-f182.google.com [209.85.215.182]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id 6CA4BDC00CB for ; Thu, 29 Nov 2012 06:41:28 +0000 (UTC) Received: by mail-ea0-f182.google.com with SMTP id a14so5019208eaa.13 for ; Wed, 28 Nov 2012 22:41:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:in-reply-to:references :x-mailer:mime-version:content-type:content-transfer-encoding; bh=sYi2PeOp+QKD06APrHHWK19tR03jkl+1/QR+WQ6Riok=; b=OJXuStG+1qBaT9Z5Mi90EiyhfG50z4ismKg2JGpCQ+XBiU9jf3JBmSrOtNnWMzEp5T 29YG+yzQDfEvI3PniXA7rttF27TU/fLKPcORZuYP+KYEEHKP9gObgivUBmrHE3Wkz7rs oOQgyn5zpduaiFMBgxHymYIoc0ECkIKQvo91ldvI6VHIT0KkScy4A4TP3KDqSEmrAzxr b+NsVsBJ0QRkiIwphwmL+NvrAWrfFto4J0jpvqcFgChQCrUoUx27uOK50OidgAxwlVVw vevLJgUizEHikoF+hYySbGNfXQ7rZTk3DsNJn9alV9tlRni6r8A5lVJFYEwCImE8wLfu cRtQ== Received: by 10.14.203.132 with SMTP id f4mr78790174eeo.11.1354171286724; Wed, 28 Nov 2012 22:41:26 -0800 (PST) Received: from vostro ([2001:1bc8:101:f402:21c:23ff:fefc:bf0b]) by mx.google.com with ESMTPS id u45sm1601652eep.0.2012.11.28.22.41.25 (version=SSLv3 cipher=OTHER); Wed, 28 Nov 2012 22:41:26 -0800 (PST) Sender: =?UTF-8?Q?Timo_Ter=C3=A4s?= Date: Thu, 29 Nov 2012 08:40:44 +0200 From: Timo Teras To: Dubiousjim Cc: alpine-devel@lists.alpinelinux.org Subject: Re: [alpine-devel] Some questions about apk-tools Message-ID: <20121129084044.29515fc1@vostro> In-Reply-To: <20121128234406.GD2390@vaio.jimpryor.net> References: <20121128234406.GD2390@vaio.jimpryor.net> X-Mailer: Claws Mail 3.9.0 (GTK+ 2.24.13; i686-pc-linux-gnu) X-Mailinglist: alpine-devel Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Wed, 28 Nov 2012 18:44:06 -0500 Dubiousjim wrote: > Here are a few things I don't understand about apk-tools. Can anyone > help fill in the picture? > > What exactly is the difference between `apk add ...` and `apk > fix ...`? "add" will record in the '/etc/apk/world' that the package is something user wanted explicitly to be installed. "fix" will just re-install it only if it is already installed. "fix" will always also re-install the package, "add" will only do things if it was not installed. > What is the difference between `apk add -u ...` and `apk fix -u ...` > and `apk fix -r ...` and `apk upgrade` (except for the fact that the > last operates on a broader set of packages)? "add -u" will record the package in world. "fix -u" will do almost same thing except not record the package in world. With "fix -r" will operate on the specified package list, and can re-install most of the package. "upgrade" works with world - it upgrades all packages. "upgrade -a" is also notable, and in addition to regular "upgrade" it also resets all versioned world dependencies, and tries to make sure all packages come from some active repository. > What exactly is the effect of `apk add --initdb`? It creates the apk databases in /lib/apk/db/. Basically, this is needed when you are creating a new rootfs, or chroot install. > What exactly is the effect of the "generic options" --clean-protected > and --purge? I see that they have to do with .apk-new files, but would > appreciate hearing them explained more fully. In /etc/apk/protected_paths.d/*.list you can define which system directories are treated specially. Generally this is /etc. On these "protected directories" apk never overwrites modified files. Normally, if file is modified, the new file will be extracted with .apk-new extension (e.g. updated sample or default config file). --clean-protected will make apk not create those .apk-new files. The updated config files are just silently discarded and not made available. --purge affects only "del" command. If package is deleted, and it has modified config file, it is normally left intact. With --purge all config files will be deleted regardless if they are modified or not. > What exactly is the behavior of `apk audit`? Does it work only in > cooperation with lbu? What is the exact effect of the --backup and > --recursive options for this command? You can use "audit" independently and it can be useful. It was created for lbu, though. Basically, lbu uses "audit" to figure out which files need to go into the overlay tarball. "audit" requires you to specify --backup or --system to determine mode of operation. --backup makes it only consider "protected files", that is the special directories marked as to contain configuration files. Where as --system makes apk consider all installed files - this can be used to do security audit that no system binary is changed. --recursive option changes audit output. Normally if there is a new directory inside /etc, apk would just report the directory entry. --recursive makes apk scan the new directory for all files/subdirs and report them individually. This was created to help 'lbu' pass the full filelist to tar. I believe we needed this to properly store minimal set of changes with tar in case someone modified permissions of protected directory. Basically it makes output to something which can be just passed on to "tar --no-recursion". > If I do get to understand these things better, I'll try to help make > sure they're better documented. Thanks! Please do ask if there's additional things you want to know. Many of apk's features are not documented well enough. So thank you for helping in this! - Timo --- Unsubscribe: alpine-devel+unsubscribe@lists.alpinelinux.org Help: alpine-devel+help@lists.alpinelinux.org ---