Skip to main content
Help us improve Python packaging – donate today!

Debian/Ubuntu .deb pkg utils

Project Description

debpkgr

Pure Python implementation of Debian/Ubuntu packaging and repository utilities.

The allows one to perform various Debian-specific operations on non-Debian systems, in the absence of typical system-provided utilities (e.g. apt).

Example

Inspect Package

from debpkgr.debpkg import DebPkg

pkg = DebPkg.from_file('/path/to/foo.deb')

print(pkg.name)
print(pkg.nevra)
print(pkg.md5sum)
print(pkg.package)

Create Repo

from debpkgr.aptrepo import create_repo

name = 'test_repo_foo'
arches = ['amd64', 'i386']
description = 'Apt repository for Test Repo Foo'

files = []
for root, _, fl in os.walk(temp_dir):
    for f in fl:
        if f.endswith('.deb'):
            files.append(os.path.join(root, f))

repo = create_repo(self.new_repo_dir, files, name=name,
                   arches=arches, desc=description)

Signature Support

It is possible to sign the repository metadata using a wrapper script / executable around GPG or another GPG-signing facility (like a [Hardware Security Module](https://en.wikipedia.org/wiki/Hardware_security_module).

To do so, you will need to pass a SignOptions object to the lower-level AptRepo class as the gpg_sign_options argument:

gpg_sign_options = SignOptions(cmd="/usr/local/bin/sign.sh",
                               key_id="45BA0816")
repo = AptRepo(repo_dir, repo_name,
               gpg_sign_options=gpg_sign_options)

The supplied sign command has to be an executable.

It will be supplied the path to a Release file to be signed, and is expected to produce a file named Release.gpg in the same directory as the Release file.

Additionally, the sign command will be passed the following environment variables:

  • GPG_CMD
  • GPG_KEY_ID (if specified in the configuration file)
  • GPG_REPOSITORY_NAME
  • GPG_DIST

The sign command may decide on a key ID to use, based on the repository name or the dist that is being signed.

A minimal sign command using GPG could be:

#!/bin/bash -e

KEYID=${GPG_KEY_ID:-45BA0816}

gpg --homedir /var/lib/debpkgr/gpg-home \
    --detach-sign --default-key $KEYID \
    --armor --output ${1}.gpg ${1}

You could import your password-less GPG keys like this:

mkdir /var/lib/debpkgr/gpg-home
chmod 0700 /var/lib/debpkgr/gpg-home
gpg --homedir /var/lib/debpkgr/gpg-home --import <path-to-secret-keys>

Release history Release notifications

History Node

1.0.5

This version
History Node

1.0.3

History Node

1.0.1

History Node

1.0.1.dev1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
debpkgr-1.0.3.tar.gz (47.7 kB) Copy SHA256 hash SHA256 Source None Jul 17, 2017

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page