Skip to main content

1. Introduction

This brief HOWTO shows how a simple repository for Debian APT *.deb files can be built. To keep it simple, it assumes that the etch Debian/GNU Linux distribution is used on the i386 architecture. These steps have been tested with equal success on the sarge distribution.

2. Steps

2.1. Directory structure

Create the following directory structure in a place that is not managed by Debian APT itself, e.g. /var/local or /usr/local/share.


2.2. Archives

Place downloaded or locally created *.deb package files into the debian/pool/opt subdirectory.

2.3. Configuration

The repository will function without an override file, so this section is optional. The purpose of the override file is to allow the local repository administrator to place packages in their correct place in the hierarchy, based on local policy.

Create a file named override.etch.opt in the debian/indices subdirectory. Insert a line in this file, for each archive in the repository, in the following format.

[package_name] [section] [subsection]

For example, having downloaded fcc_7.031-2_i386.deb file for FirstClass(R) version 7.0, the override.etch.opt file would contain one line: fcc optional non-free/mail. Note that the version number of the package is not used in the override file.

2.4. Updating

2.4.1. Packages file

APT needs an index, so, for example, apt-get install fcc knows where versions of the FirstClass package can be found for the correct architecture.

Create a script containing the following.

cd /var/local/debian
apt-ftparchive packages pool indices/override.etch.opt >dists/etch/opt/binary-i386/Packages
gzip -9 <dists/etch/opt/binary-i386/Packages >dists/etch/opt/binary-i386/Packages.gz

And if you have bzip2 installed, include

bzip2 <dists/etch/opt/binary-i386/Packages >dists/etch/opt/binary-i386/Packages.bz2

2.4.2. Release file

The repository will function without a Release file, so this section is optional. A Release file is mandatory for the use of apt-secure which is used by default in the etch distribution, so you will need a Release file if you wish to remove the messages stating your packages come from an untrusted source.

Add the following to your script.

rm -f dists/etch/Release
apt-ftparchive \
  -o APT::FTPArchive::Release::Architectures="i386" \
  -o APT::FTPArchive::Release::Suite="etch" \
  -o APT::FTPArchive::Release::Description="Personal etch repository" \
release dists/etch >dists/etch/Release.tmp
mv -f dists/etch/Release.tmp dists/etch/Release
gpg -abs -o dists/etch/Release.gpg dists/etch/Release

The final line is required only if you wish to use apt-secure and have used gpg to create a key pair. Don't forget to review and act upon the man page for apt-key in this case, otherwise apt will complain about not knowing your public signature.

2.4.3. Running

The above script must be run each time packages are added or removed. Don't forget to update the list of available packages in the package manager as well, e.g. apt-get update, otherwise the changes to the repository's packages will not be picked up!

3. Configuring APT

Add a new line to /etc/apt/sources.list containing the following.

deb file:/var/local/debian etch opt

Update the list of available packages in the package manager as well, e.g. apt-get update. The local packages will now be available through the package manager or via apt-get install.

See also