PackageDependencyManagement

Revision 14 as of 2005-11-03 21:15:54

Clear message

Package Dependency Management

Introduction

This specification describes an enhancement to the information the system stores about packages that are installed locally. The goal is to improve the ability of systems to evolve over time to continue to reflect the current Ubuntu release.

These primary improvements are envisaged:

  1. The system needs to have some idea why a package was installed. Some of the higher-level package management tools, such as Aptitude, already do something similar to this. They track, for example, whether or not a package was installed because of a specific request by the system administrator, or to satisfy the dependencies of a package that was being installed. This allows them to offer to remove those dependency packages when the chosen package is removed later.

  2. Over time, it is inevitable that the Ubuntu team may choose to change the open source products preferred for specific functionality in an Ubuntu system. For example, the Ubuntu developers might choose to migrate from Postfix to Nullmailer, or from Esound to PolypAudio. For new installations that presents no problem, someone installing the new release will simply get the new apps. However, for someone upgrading, it will be necessary to identify whether or not the user has modified any configuration files for the relevant app, and if not, to migrate the system to the new app.

Rationale

Over time, a Linux system accumulates a substantial amount of cruft. Traditionally, installing a package requires installing its dependencies. Later, when that package is upgraded, new dependencies might be introduced and older ones dropped, but in most systems the old package dependencies are never uninstalled. The end result is a plethora of unwanted and un-needed libraries and supporting packages which take up disk space and potentially also slow down the day to day operation of the computer.

These improvements will make it easier to keep Ubuntu systems lean-and-mean over a series of releases, leaving only those packages which the Ubuntu team recommends, the packages explicitly selected by users, and the necessary dependencies required to support those packages.

Scope and Use Cases

The following use cases illustrate the ideas in this spec:

  1. Jimmy installed Breezy, and has now updated to the next release. During the update, no matter which package management tool he uses, old dependencies will be removed and new ones installed. There should be no old libraries left on his system once the upgrade is complete.
  2. Annabel has installed openldap, and all of its dependencies were automatically installed on her system. Now she is going to remove it from this system using a different package manager. That package manager identifies packages that were installed purely in support of openldap, and offers to remove those too.
  3. Jack is upgrading from Breezy to the next Ubuntu release. His system has postfix installed, because that was the default mail server in Breezy, but he has never modified its configuration and so when he does the update, postfix is removed and replaced with newmailer, the Ubuntu team's chosen replacement for postfix in the new release.

Design

For the use case 1 we are going to mark each package automatic if it was installed only to satisfy a dependency. If a package is removed later a mark-and-sweep algorithm is run that marks any package that is part of a dependency of a given root-set (essential+manually installed). Any package that is notm marked here has no reverse dependencies and can be safely removed.

The use case 2 is adressed by the upgrade tool discussed at https://wiki.ubuntu.com/AutomaticUpgrade. It will identify changes in meta-packages based on the information we provide and suggest the removal of the superseded package.

All packages installed by the installer are installed via aptitudes task matcher right now. That means that the auto-flag is set for a lot of the libraries but not for the installed applications. That means that removing e.g. ubuntu-desktop will *not* result in the suggestion to automatically remove all it's dependencies.

Implementation Plan

For the use cases Number 1 the automark feature of aptitude needs to be ported to libapt. It should be easily accessible to all the frontends (apt-get.cc, synaptic, aptitude, python-apt).

Data Preservation and Migration

The current flags in aptitude will be converted automatically on the first run of aptitude.

Packages Affected

The apt package needs to be improved to provide support for the marking of automatic dependencies. This feature needs to be exported so that frontends like synaptic, python-apt can use it too.

User Interface Requirements

A new "apt auto-remove" commands will be added that suggests to remove the automatically installed packages. Synaptic needs to be updated to use this feature too. Python-apt needs to support it too. Aptitude should make use of the feature as well (use the version in libapt instead of the version in aptitude).

Applications are usually save from being suggested to automatically removed because they are usually in the top of the depedency chain and will not be pulled in as a part of a dependecny. Aptitude will work as before, synaptic will present packages that can be removed automatically but it will not mark them for removal automatically.

Outstanding Issues

A implementation (that needs testing) is available in the michael.vogt@ubuntu.com--2005/apt--auto-mark--0 branch. Close cooperation with Daniel Burrows (the aptitude author/maintainer) is taking place, he branched from the initial port and added the missing bits that he needed for aptitude. python-apt code is written as well. All the code needs testing.