Installation via DEB packages

← Previous

↑ Home

↑ Installation

Next →

Installation via *.deb packages

• Installation via *.deb packages
  • Create packages
    • Download the software
    • Unpack archive
    • Install required packages
    • Optional: Choose GPG key to sign packages
    • Build packages
  • Packages available as local files
    • Install packages
    • Uninstall DK tools completely
  • Provide package repository
    • Set up web server
    • Create directory
    • Modify Apache configuration
    • Create repository
    • Update repository
  • Use package repository
    • Configure clients to access repository
    • Add GPG key (signed packages only)
    • Update package metadata on clients
    • Install DK tools
    • uninstall DK tools completely
    • Systemd services

Create packages

Download the software

As unprivileged user create the “Downloads” directory:

cd
[ -d Downloads ] || ( mkdir Downloads ; chmod 755 Downloads )

Place the dktools-4.39.0.tar.gz file in the “Downloads” directory.

Unpack archive

cd
cd Downloads
tar xzf dktools-4.39.0.tar.gz

Install required packages

As root install the required packages including developer and packager tools and build dependencies:

cd ~user/Downloads/dktools-4.39.0
scripts/debian/deb-prepare

Replace “user” by the name of the unprivileged user.

Optional: Choose GPG key to sign packages

The GPG key must be created by the unprivileged user.

Packages can contain a digital signature, so the package integrity can be verified before installation.
If you already have a GPG keypair, you can use it to sign the packages created in the next step.

Producing signed packages is recommended if you intend to use the packages for building a DKtoolian live system.

If you want to create a new GPG key for package signing, the following two links I found in 2016 may be helpful:

• Creating a new GPG key
  https://keyring.debian.org/creating-key.html

• Keysigning
  https://wiki.debian.org/Keysigning

The procedure below is a short summary of these articles:

~/.gnupg directory
Make sure there is a .gnupg directory in your home directory. Create it if not yet present. Allow access for owner only.

[ -d ~/.gnupg ] || mkdir -p ~/.gnupg
chmod 700 ~/.gnupg

~/.gnupg/gpg.conf configuration file
Make sure the configuration file contains lines like:

personal-digest-preferences SHA256
cert-digest-algo SHA256
default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed

Modify or create the lines.
Create the ~/.gnupg/gpg.conf file if it does not yet exist.

Create key pair
Run

gpg --full-generate-key

Choose key type “RSA and RSA”, key size “4096”, and a useful expiration time, i.e. “3y” (3 years).

List the keys

gpg -k --keyid-format long

Example output may look like:

/home/joe/.gnupg/pubring.gpg
-------------------------------
pub   4096R/80618284692DE214 2026-06-27
uid       [ultimate] Joe Jellyfish <j.jelly@deep.blue.sea>
sub   4096R/D185E550FA6830A8 2026-06-27

Here we see the long key id 80618284692DE214 as the main key id and D185E550FA6830A8 as the key id of the sub key we will later use to sign packages.

Create revokation certificate

bash
umask 077
gpg --armor --gen-revoke 80618284692DE214 > ~/.gnupg/revocation-80618284692DE214.crt.asc
chmod go-rwx ~/.gnupg/revocation-80618284692DE214.crt.asc
exit

Keep the revokation certificate in a secure place.
It is recommended you also keep a paper printout.

Export public key
Later we have to import the public key on the target systems.
Use the following commands:

bash
umask 077
gpg --armor --export 80618284692DE214 > ~/.gnupg/80618284692DE214.pub.asc
gpg --export 80618284692DE214 > ~/.gnupg/pub-80618284692DE214.gpg
chmod 644 ~/.gnupg/80618284692DE214.pub.asc
chmod 644 ~/.gnupg/pub-80618284692DE214.gpg
exit

Key upload not necessary
If you want to use the packages only on your own computers or within your organization, there is no need to upload your key to a public keyserver.

Configure key for package signing
Edit the ~/.bashrc file, add the following line:

export DEB_SIGN_KEYID='D185E550FA6830A8'

Note: The key id of the “sub” key from the listing (see section List keys above) must be used here.
When using another shell (not bash) you have to edit another startup file. File name and syntax to use depend on the shell.

Logout, login, and check
Log out from all unprivileged user conntections to the virtual machine. Now log in to the virtual machine as unprivileged user and run

env | grep DEB_SIGN_KEYID

to verify the “DEB_SIGN_KEYID” variable exists and has the correct value.

Build packages

As unprivileged user build the packages:

cd
cd Downloads/dktools-4.39.0
scripts/debian/deb-build

We should now have a ~/Downloads/dktools-debian-pkg directory containing a “repo” subdirectory. The *.deb files are in the “repo” subdirectory.
A complete repository structure is set up.

The script produces signed packages if the DEB_SIGN_KEYID variable is set, you are asked to specify the passphrase to unlock the key. Stay at the computer, there is a timeout for the passphrase input dialog.

Packages available as local files

Install packages

As root install one of the following package sets.

To install all programs (CLI and GUI programs):

cd ~user/Downloads/dktools-debian-pkg
./install-dktools

To install the CLI programs only:

cd ~user/Downloads/dktools-debian-pkg
./install-cli

Uninstall DK tools completely

As root run:

dpkg --force-all -P `tac /usr/share/dktools/pkg-install-order.txt`

Provide package repository

Set up web server

See https://wiki.debian.org/Apache/ how to set up Apache on Debian.

Create directory

As root run:

mkdir -p /var/www/html/debian13/dktools
chmod 755 /var/www/html/debian13
chmod 755 /var/www/html/debian13/dktools

Modify Apache configuration

In the /etc/apache2/apache2.conf file below the

<Directory /var/www/>
        ...
</Directory>

section add a section:

<Directory /var/www/html/debian13/>
        Options All Indexes FollowSymLinks
</Directory>

Restart the web server:

systemctl restart apache2

Create repository

cd /var/www/html/debian13/dktools
rsync -rlptDv --delete ~user/Downloads/dktools-debian-pkg/repo/ .

Update repository

Before placing upgraded versions of the packages in the repository you must delete the existing content of the repository directory.

rm -fr /var/www/html/debian13/dktools/*
cd /var/www/html/debian13/dktools
rsync -rlptDv --delete ~user/Downloads/dktools-debian-pkg/repo/ .

Use package repository

Configure clients to access repository

On the clients (computers intended to use this repository) add a file /etc/apt/sources.list.d/dktools.sources containing the following text:

Types: deb
URIs: http://192.0.2.1/debian13/dktools/
Suites: trixie
Components: main
Signed-By: /etc/apt/keyrings/dktools.gpg

Replace 192.0.2.1 by the servers IP address.
Omit the final line if you did not create signed packages.

Add GPG key (signed packages only)

This step is only necessary if you produced signed packages and distribute them via your repository.

The package management needs the packagers public key to verify the integrity of signed packages.

Copy the pub-80618284692DE214.gpg file produced above to the current computer.
Run

cp pub-80618284692DE214.gpg /etc/apt/keyrings/dktools.gpg
chmod 644 /etc/apt/keyrings/dktools.gpg

to add the key to the list of keys trusted by the package management system.

Update package metadata on clients

Run

apt-get clean
apt-get update

to delete any cached metadata and retrieve current metadata for all repositories.

Install DK tools

To install all programs (CLI and GUI):

apt-get install dktools

To install only the CLI programs:

apt-get install dktools-cli

uninstall DK tools completely

dpkg --force-all -P `tac /usr/share/dktools/pkg-install-order.txt`

Systemd services

The “printqd” and “rshdown” packages contain services controled by systemd. Installation of these package automatically results in enabling and starting the services.
Restart the services after customizing the configuration files.

← Previous

↑ Home

↑ Installation

Next →