Backporting — это процесс запуска новых выпусков пакетов на не самых последних версиях дистрибутива Linux. Очень распространенный вариант использования backporting — включить последнюю версию библиотеки приложений или программного обеспечения на сервере, на котором установлена более старая версия операционной системы.
В Ubuntu есть репозиторий по умолчанию для бэкпортов, куда отправляются бэкпорты, поддерживаемые сообществом. Однако, если вы не можете найти нужный вам пакет, создать собственный пакет с обратным портом легко.
Содержание
1. Обоснование ведения бэкпорта
3. Создание ключа PGP с использованием GNUPG в терминале
4. Запуск команды backportpackage
1. Rationale for doing backports
Old stuff is old
I did not know how relative pain free it was backporting packages on Ubuntu. This clearly increases my preference for doing backports instead of hand crafted software builds when putting together my software stack.
For backports:
- They integrate well with the OS package manager – you can update and uninstall backported packages with the package manager.
- Ubuntu has one-liner command which will do the backporting for you after you have registered in launchpad.net community. It’s even less effort than make install.
- Backports come with distribution specific patches, start-up files and file locations.
- Common good windfall will follow as others can use the package you have backported.
I wrote this blog post as notes when I did my first backport for nullmailer which is a lightweight SMTP slave and mail command backend. Ubuntu 12.04 LTS ships withnullmailer version 1.05 and support for SSL servers was added in version 1.10. (For more context please ee my previous blog post of how I have been using nullmailer with Gmail).
Note that in this blog post I only consider backports which compile as is. If the package needs source code changes then your road will be more bumpy.
2. Starting backporting process
Launchpad is the infrastructure tool orchestrating Ubuntus together. First register an account at launchpad.net. Then, on your personal page Click Create new PPA on your launchpad.net account page. PPA archive is the online repository where the resulting backported package will be placed.
Login to the box running the old target release of Ubuntu (12.04 Server LTS in my case).
Install Ubuntu development tools ubuntu-dev-tools package which comes with various automatication scripts, including backporttool. Note: hefty 100 MB with dependencies.
sudo apt-get install ubuntu-dev-tools gnupg-agent
3. Creating a PGP key using GNUPG in terminal
Launchpad infrastructure uses PGP / GNUPG keys for signing releases. Unfortunately I am not running Ubuntu on my desktop computer, so I couldn’t use easy desktop tools to work with PGP. Instead, I had to work within a terminal in ssh session to a Ubuntu server.
First create a PGP key, unless you have one already, to be used to sign the package releases on launchpad.net. You can do this in terminal on the server. I protected my key with a passphrase which I stored in KeePassX archive in Dropbox:
# Note: The RNG trick here is needed when doing # thison the server because key generation # needs entropy and Ubuntu server does not have rng # daemon enable by default apt-get install rng-tools gpg --gen-key # Use defaults # Wait until gpg command asks for "more entropy" # Press CTRL+Z bg # Leave gpg on background sudo rngd -r /dev/urandom # GPG reports its done # Interrupt rngd with CTRL+C # A lot of files gets generated in ~/.gnupg folder # Start GPG agent, so it will be asking the passpharse only once eval $(gpg-agent --daemon) # Get your key id (looks like ABC1234) gpg --fingerprint # Make backportpackage command to use your key echo DEBSIGN_KEYID=AEA22323 >> ~/.devscripts # Register your key with Ubuntu key server gpg --send-keys --keyserver keyserver.ubuntu.com AEA22323
Now, go to your launchpad.net account and Edit PGP keys section. In Import an OpenPGP key give they key fingerprint as printed above by gpg –fingerprint. launchpad.net will send you a confirmation email with content like below:
-----BEGIN PGP MESSAGE----- Version: GnuPG v1.4.10 (GNU/Linux) hQEMAyYFaWv6mn/LAQf/cRHso6ps1yArBFGW5Z29/xmPwf70mRdzkLtKQdfVBuQh * snip * QgxREGLU/Gi4kGRaHF/KmG7d0kPmVUNZk9OLD/jwQUXQtXQWPvRthyI= =+Syx -----END PGP MESSAGE-----
In Terminal, which is still running your GPG agent, run the command:
gpg -d
Paste in the message, including — — lines. You will be asked your key passphrase. Press CTRL+D to terminate the input. Now the secret confirmation link is printed to your terminal:
... Please go here to finish adding the key to your Launchpad account: https://launchpad.net/token/xyz
4. Running backportpackage command
Now you can run backportpackage command. It is fully automated tool to create a backport .deb archive for any existing Ubuntu package. Below I run the command fornullmailer package.
# Set your personal details (go into the package) export DEBFULLNAME="Mikko Ohtamaa" export DEBEMAIL="[email protected]" export UBUMAIL="[email protected]" # Backport my package please! # PPA was created in launchpad.net web interface beforehand backportpackage -u ppa:mikko-red-innovation/ppa nullmailer
backportpackage will
- download the latest version of the package from Ubuntu archives. The latest version must exist in the some newer Ubuntu releases – backporting process does not consider upstream releases
- attempts to build it
- uploads the resulting .deb to your personal PPA archive on launchpad.net
In the end here is the sign of the success:
Uploading nullmailer_1.11-2~precise1~ppa1_source.changes: done. Successfully uploaded packages.
If you are doing this for the first time it will take some time (under ~30 minutes in my case) to get your package accepted in your PPA. You’ll get an automatic notification email when it happens. If it doesn’t happen see the troubleshooting links below.
5. Using and testing your backported package
After you have backported the package successful it is good to go for other your servers as is. You can install the package on the same server you did the backporting or some another server (of same Ubuntu version).
Register your own PPA as the package source for your server:
sudo apt-add-repository ppa:mikko-red-innovation/ppa apt-get update
Check that your own package with a custom version become available:
apt-cache show nullmailer Package: nullmailer Priority: extra Version: 1:1.11-2~precise1~ppa1 ... Package: nullmailer Version: 1:1.05-1 ....
Install the package you just backported with a specific version string
apt-get install nullmailer=1:1.11-2~precise1~ppa1
… and your server now has the latest version.
6. More information
Information bits needed to pull this together
- Ubuntu Backporting guidelines: see especially if you want your backport to end up into official backports repository
- backportpackage man page
- Entropy generation tip
- How to set PGP key needed for backportpackage
- How and why package upload to PPA may fail
- Uploading PGP key to Ubuntu Key Server
- Installing specific .deb package version