Quality-testing for Debian packages
Command Line – adequate
The adequate command-line tool helps users pinpoint problems with installed DEB packages.
Like less
and most
, adequate
's [1] name is an both an understatement and a mild joke. A tool for analyzing the quality of installed DEB packages, adequate
is actually a rigorous test of quality control based on the Debian Policy Manual [2], which makes its results far beyond adequate. Like many Debian packages, adequate
was written for maintainers, but it is also a useful tool for cautious average users.
You can find adequate
in the repositories of Debian, Ubuntu, and Linux Mint. Average users will find adequate
useful because, as mentioned in a previous column [3], using a variety of repositories can be a gamble. You should rarely need adequate
in Debian Stable, whose packages have been thoroughly tested by the time they are placed in the repository and may have been updated to fix bugs and plug security holes. Similarly, in most cases, packages from Testing should also be reasonably safe. However, packages in Unstable are much more of a gamble, not least because some developers place new packages directly into Unstable rather than introducing them into Experimental.
Outside the Debian structure, the risk is even higher, whether you are using packages that originate in a Debian derivative such as Ubuntu or a development platform such as Ubuntu's Personal Package Archives (PPA), GitHub, or GitLab. On such development platforms, any packages the developers take time to make is sometimes second in importance to coding, or they are made by someone with limited knowledge of Debian packaging. Any standards are a matter of personal preference. Not all the data provided by adequate
is relevant to ordinary users (e.g., the absence of a copyright notice). Nonetheless, by running any package through adequate
, average users can pinpoint the source of problems, possibly repair them, and file more meaningful bug reports. However adequate
is used, it offers an insight into the structure of Debian and its derivatives.
The Debian Policy Manual, which adequate
is based on, is a lengthy document that describes the structure of Debian packages and repositories. It has grown tremendously since first written in 1996 by Ian Jackson. Although little known to casual users or outsiders, the Debian Policy Manual has frequently been described by Debian members and officers as what makes Debian what it is, rather than the packaging system or any other core software. The Debian Policy Manual covers a wide variety of subjects, ranging from the naming of packages, versioning, package descriptions, dependencies, required fields, pre- and post-install scripts for both binary and source files, and breaking or conflicting packages. If adequate
detects no violations of the Debian Policy Manual, you can be reasonably sure that installing a package will not cripple your system or require long hours to undo.
Using Adequate
You can use adequate
in several ways. The structure
adequate PACKAGENAME
reports on a single package, using only the package name without a version number (i.e., coreutils, not coreutils-9.1-1). If no problems exist, adequate
exits without feedback. More comprehensively,
adequate --all
reports on all the packages installed on a system (Figure 1). To be specific, you can use the option with the tags listed in the man page (see Table 1). If a tag identifies a problem, you may find an explanation in the corresponding section of the Debian Policy Manual or, occasionally, some other Debian documentation. Conversely,
--tags -TAG1,TAG2
Table 1
Tags to Pinpoint Specific Problems
Tag | Meaning | Debian Policy Manual Reference or Other |
---|---|---|
|
The binary in |
|
|
The detector registered with |
|
|
The interpreter registered with |
|
|
A symlink points to a nonexistent file. |
|
|
The licenses of the libraries the binary is linked to are incompatible. |
|
|
Running |
|
|
Library missing, possibly because of a broken symlink |
6.5: Summary of ways maintainer scripts are called; 12.5: Copyright information |
|
This package manager provides a terminal emulator, but it is not registered as an alternative or a virtual package. |
11.8.3: Packages providing a terminal emulator; 11.8.4: Packages providing a window manager |
|
No copyright file provided |
6.6: Details of unpack phase of installation or upgrade; 12.5: Copyright information |
|
Dependency of a |
8.4: Development files |
|
The binary's library provides only unversioned symbols. |
|
|
The conffile that previously shipped with the package in no longer included in the current version, but the conffile has not been removed or updated. |
|
|
This package has the same name as another program. |
10.1: Binaries |
|
This package ships Python modules that are not byte-compiled. |
Python Policy 2.6 |
|
This package ships Python modules in |
Python Policy 1.5; Python Policy 2.6 |
|
The symbol has changed size since the package was built. |
|
|
The symbol has not been found in the libraries linked with the binary. |
lists tags not to be checked (notice the minus sign before the list of tags). With any of these structures, the --debconf
option displays any results using debconf, Debian's commmand-line GUI (Figure 2).
At least theoretically, false positives can occur. If, after reading the man page documentation, you are confident that adequate
has uncovered a bug, you can paste adequate
's results into a bug report. If you are uncertain, contact debian-qa@lists.debian.org
first.
A Cautionary Note
Near its start, the Debian Policy Manual warns [4]: "This manual cannot and does not prohibit every possible bug or undesirable behaviour. The fact that something is not prohibited by Debian policy does not mean that it is not a bug, let alone that it is desirable."
A little further down, the manual lays out the terms used to describe what must be done, as opposed to best practices, and what is optional or discouraged.
The same limitations also apply to adequate
. While adequate
detects whether major requirements are followed, it may not detect optional or discouraged practices. Just as importantly, adequate
does not detect whether a package does what it is supposed to do. All it detects is whether a package's structure conforms to the Debian Policy Manual's expectations. That is worth knowing, but it is not a comprehensive guarantee.
For that reason, adequate
should be combined with a basic caution. Simply put, a package with few dependencies, or with no fixed, obsolete, or cutting-edge version requirements, is less likely to cause any systemic problems. This information can be easily found on the Debian packages' web pages for the Unstable or Experimental repositories, or, with exterior packages, by looking at the source code or using the --apt-preinst
to view the preinstall scripts. What adequate
provides is package data that can help users locate the source of any problems.
Infos
- adequate: https://manpages.debian.org/unstable/adequate/adequate.1.en.html
- Debian Policy Manual: https://www.debian.org/doc/debian-policy/
- "Tips for Mixing Safely" by Bruce Byfield, Linux Magazine, issue 266, January 2023, https://www.linux-magazine.com/Issues/2023/266/Mixing-Debian-Repositories/(language)/eng-US
- Debian Policy Manual scope: https://www.debian.org/doc/debian-policy/ch-scope.html
Buy this article as PDF
(incl. VAT)
Buy Linux Magazine
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
The Gnome Foundation Struggling to Stay Afloat
The foundation behind the Gnome desktop environment is having to go through some serious belt-tightening due to continued financial problems.
-
Thousands of Linux Servers Infected with Stealth Malware Since 2021
Perfctl is capable of remaining undetected, which makes it dangerous and hard to mitigate.
-
Halcyon Creates Anti-Ransomware Protection for Linux
As more Linux systems are targeted by ransomware, Halcyon is stepping up its protection.
-
Valve and Arch Linux Announce Collaboration
Valve and Arch have come together for two projects that will have a serious impact on the Linux distribution.
-
Hacker Successfully Runs Linux on a CPU from the Early ‘70s
From the office of "Look what I can do," Dmitry Grinberg was able to get Linux running on a processor that was created in 1971.
-
OSI and LPI Form Strategic Alliance
With a goal of strengthening Linux and open source communities, this new alliance aims to nurture the growth of more highly skilled professionals.
-
Fedora 41 Beta Available with Some Interesting Additions
If you're a Fedora fan, you'll be excited to hear the beta version of the latest release is now available for testing and includes plenty of updates.
-
AlmaLinux Unveils New Hardware Certification Process
The AlmaLinux Hardware Certification Program run by the Certification Special Interest Group (SIG) aims to ensure seamless compatibility between AlmaLinux and a wide range of hardware configurations.
-
Wind River Introduces eLxr Pro Linux Solution
eLxr Pro offers an end-to-end Linux solution backed by expert commercial support.
-
Juno Tab 3 Launches with Ubuntu 24.04
Anyone looking for a full-blown Linux tablet need look no further. Juno has released the Tab 3.