Linux Package Management: apt/dpkg, yum/dnf/rpm, Building from Source

Package management appears to be just "install / remove / update," but what truly determines whether you avoid pitfalls comes down to two things: First, what exactly is in a package (executables, config, dependency libraries, service scripts) and where they land in the system; Second, how toolchain differences across distributions (Debian/Ubuntu's dpkg/apt vs RHEL/CentOS's rpm/yum/dnf) affect dependency resolution, version selection, and rollback strategies. This post first clarifies the basic concepts of packages and dependencies, then provides a reproducible list of common operations (including advanced usage: dependency conflict troubleshooting, version locking, downgrades, cleanup of unused packages), and adds the most common configurations for domestic environments (like switching to Aliyun mirrors, Tsinghua mirrors, verifying mirror effectiveness). Finally, it extends "installing packages" to two production-relevant paths: building from source (using Nginx as an example, explaining what configure/make/make install each do) and binary portable configuration (using Java as an example), giving you viable deployment options when facing version/dependency/network constraints.

Basic Package Concepts: What's Inside, Why We Need Package Managers

Package Composition

A package bundles programs, library files, configuration files, and documentation into a single file, making installation, upgrade, and removal convenient. Packages automatically handle dependencies, simplifying software management. A standard package typically includes:

1. Binary Executables

Compiled program source code, generating executable binary files. Examples:

• /usr/bin/vim: Text editor
• /usr/sbin/nginx: Web server
• /usr/bin/gcc: Compiler

2. Configuration Files

Store application default configurations, usually located in /etc/ directory. Examples:

/etc/nginx/nginx.conf  # Nginx config file
/etc/mysql/my.cnf      # MySQL config file
/etc/ssh/sshd_config   # SSH server config

Important characteristic: Package managers typically preserve your modified configuration files during upgrades (won't overwrite), avoiding config loss.

3. Shared Libraries

Shared libraries are dynamically linked libraries that executables depend on at runtime (like Windows .dll), usually stored in /usr/lib/ or /lib/ directories. Examples:

/usr/lib/libssl.so             # OpenSSL crypto library
/lib/x86_64-linux-gnu/libc.so.6  # GNU C standard library

Why shared libraries?

• Save disk space (multiple programs share the same library)
• Save memory (same library loaded only once)
• Easy upgrades (upgrading library benefits all programs that depend on it)

4. Data Files

Data required by applications, like database files, default resources, etc. Examples:

/var/lib/mysql/   # MySQL database storage directory
/var/www/html/    # Web server default site directory

5. Documentation

Software documentation, manual pages (man pages), copyright notices, etc., usually stored in /usr/share/doc/ directory. Examples:

/usr/share/doc/nginx/README
/usr/share/man/man1/vim.1.gz  # vim man page

6. Service Unit Files (If It's a Service)

If it's a background service, it will also include systemd unit files:

/usr/lib/systemd/system/nginx.service
/etc/systemd/system/mysql.service

Why We Need Package Managers

Without package managers, you'd need to: 1. Manually download software (find download links from official sites or third-party sites) 2. Manually resolve dependencies (A depends on B, B depends on C, you install one by one) 3. Manually place files (where to put executables, config, libraries) 4. Manually uninstall (remember to delete all files when uninstalling, including config and dependencies) 5. Manually update (check official sites for each software for new versions)

Core value of package managers:

• Auto-resolve dependencies: A depends on B, installing A automatically installs B
• Unified installation locations: All software placed according to standards, no mess
• One-click uninstall: Automatically deletes all related files when uninstalling
• One-click update: apt upgrade or dnf upgrade updates all software
• Version management: Can view, lock, downgrade software versions
• Security: Packages are all signature-verified, reducing malicious software risk

---

Mainstream Linux Package Managers Comparison

Different Linux distributions use different package managers:

Distribution	Package Format	Low-level Tool	High-level Tool	Notes
Debian/Ubuntu	.deb	dpkg	apt, apt-get	Most popular desktop and cloud server distro
RHEL/CentOS/Fedora	.rpm	rpm	yum (old), dnf (new)	Enterprise Linux, CentOS 8+ and Fedora default to dnf
Arch Linux	.tar.zst	pacman	pacman	Rolling release, newest software versions
Gentoo	source packages	emerge	portage	Completely compiled from source, highly customizable
openSUSE	.rpm	rpm	zypper	Common in European enterprises

This article mainly covers Debian/Ubuntu's apt/dpkg and RHEL/CentOS's yum/dnf/rpm, as they are the most commonly used.

---

Debian/Ubuntu Package Management: apt + dpkg

apt vs apt-get vs dpkg

Tool	Description	Rating
apt	High-level tool, auto-handles dependencies, user-friendly (colors, progress bars), recommended for daily use	⭐⭐⭐⭐⭐
apt-get	Old high-level tool, same functionality as apt but plain interface, commonly used in scripts (stable output)	⭐⭐⭐⭐
dpkg	Low-level tool, directly operates .deb packages, won't auto-handle dependencies (manual resolution needed)	⭐⭐

Recommendation: Use apt for daily operations, use apt-get in scripts (more stable output format).

Common Operations

Update Package Source Information

sudo apt update  # Download latest package list from sources

This command only updates local package list cache, doesn't upgrade any software.

Search for Packages

apt search nginx  # Search for packages containing nginx
apt-cache search nginx  # Same (old command)

View Package Information

apt show nginx  # View nginx detailed info (version, dependencies, description)
apt-cache policy nginx  # View nginx version and installation status

Install Packages

sudo apt install nginx  # Install nginx
sudo apt install nginx=1.18.0-0ubuntu1  # Install specific version
sudo apt install nginx -y  # Auto-answer yes (no confirmation prompts)

Uninstall Packages

sudo apt remove nginx  # Uninstall nginx (keep config files)
sudo apt purge nginx   # Completely uninstall nginx (delete config files)
sudo apt autoremove    # Delete no-longer-needed dependency packages (cleanup)

Difference:

• remove: Only deletes program files, keeps config files in /etc/ (convenient for restoring config when reinstalling later)
• purge: Deletes config files too (complete uninstall)

Upgrade Packages

sudo apt upgrade  # Upgrade all upgradable packages (won't remove installed packages)
sudo apt full-upgrade  # Upgrade all packages (can remove old packages if necessary)
sudo apt dist-upgrade  # Same as full-upgrade (old command)

Difference:

• upgrade: Conservative upgrade, won't remove installed packages
• full-upgrade: Aggressive upgrade, can delete or install packages if necessary (like dependency changes)

View Installed Packages

dpkg -l  # List all installed packages
dpkg -l | grep nginx  # Check if nginx is installed
apt list --installed  # Same (apt command)

View Files Installed by Package

dpkg -L nginx  # See what files nginx installed

Example output:

/usr/sbin/nginx
/etc/nginx/nginx.conf
/usr/share/doc/nginx/README
...

Find Which Package a File Belongs To

dpkg -S /usr/sbin/nginx  # See which package /usr/sbin/nginx belongs to

Output: nginx-core: /usr/sbin/nginx

Manually Install .deb Package

sudo dpkg -i package.deb  # Install .deb package (won't auto-resolve dependencies)
sudo apt install -f  # Fix dependencies (if above errors)

Better way:

sudo apt install ./package.deb  # apt will auto-resolve dependencies

Advanced Usage

Lock Package Version (Prevent Upgrade)

sudo apt-mark hold nginx  # Lock nginx, prevent upgrade
apt-mark showhold  # View locked packages
sudo apt-mark unhold nginx  # Unlock

Downgrade Package Version

# 1. View available versions
apt-cache policy nginx

# 2. Install specific version
sudo apt install nginx=1.18.0-0ubuntu1

# 3. Lock version (prevent upgrade)
sudo apt-mark hold nginx

Clean Cache (Free Disk Space)

sudo apt clean  # Delete all downloaded .deb package cache (in /var/cache/apt/archives/)
sudo apt autoclean  # Only delete outdated package cache
sudo apt autoremove  # Delete no-longer-needed dependency packages

Combined usage (clean disk space):

sudo apt autoremove && sudo apt autoclean

---

RHEL/CentOS Package Management: yum/dnf + rpm

yum vs dnf vs rpm

Tool	Description	Rating
dnf	New generation high-level tool (CentOS 8+, Fedora), auto-handles dependencies, faster, recommended	⭐⭐⭐⭐⭐
yum	Old high-level tool (CentOS 7 and earlier), same functionality as dnf but slower	⭐⭐⭐⭐
rpm	Low-level tool, directly operates .rpm packages, won't auto-handle dependencies (manual resolution needed)	⭐⭐

Recommendation: Use dnf for CentOS 8+ and Fedora, use yum for CentOS 7.

Common Operations (Using dnf as Example, yum Commands Are Almost Identical)

Update Package Source Information

sudo dnf makecache  # Download latest package list from sources
sudo dnf check-update  # Check which packages can be upgraded

Search for Packages

dnf search nginx  # Search for packages containing nginx

View Package Information

dnf info nginx  # View nginx detailed info (version, dependencies, description)

Install Packages

sudo dnf install nginx  # Install nginx
sudo dnf install nginx-1.20.1  # Install specific version
sudo dnf install nginx -y  # Auto-answer yes

Uninstall Packages

sudo dnf remove nginx  # Uninstall nginx
sudo dnf autoremove  # Delete no-longer-needed dependency packages

Upgrade Packages

sudo dnf upgrade  # Upgrade all upgradable packages
sudo dnf upgrade nginx  # Only upgrade nginx

View Installed Packages

rpm -qa  # List all installed packages
rpm -qa | grep nginx  # Check if nginx is installed
dnf list installed  # Same (dnf command)

View Files Installed by Package

rpm -ql nginx  # See what files nginx installed

Find Which Package a File Belongs To

rpm -qf /usr/sbin/nginx  # See which package /usr/sbin/nginx belongs to

Manually Install .rpm Package

sudo rpm -ivh package.rpm  # Install .rpm package (won't auto-resolve dependencies)
sudo dnf install package.rpm  # Better way (will auto-resolve dependencies)

Advanced Usage

Lock Package Version (Prevent Upgrade)

sudo dnf install 'dnf-command(versionlock)'  # Install versionlock plugin
sudo dnf versionlock add nginx  # Lock nginx
dnf versionlock list  # View locked packages
sudo dnf versionlock delete nginx  # Unlock

Downgrade Package Version

# 1. View available versions
dnf list --showduplicates nginx

# 2. Downgrade to specific version
sudo dnf downgrade nginx-1.18.0

Clean Cache

sudo dnf clean all  # Delete all cache
sudo dnf autoremove  # Delete no-longer-needed dependency packages

---

Configure Domestic Mirrors (Speed Up Downloads)

Debian/Ubuntu Configure Aliyun Mirror

1. Backup Original Sources

sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak

2. Replace with Aliyun Mirror

Method 1: Auto-replace (Recommended)

sudo sed -i 's|http://.*archive.ubuntu.com|http://mirrors.aliyun.com|g' /etc/apt/sources.list
sudo sed -i 's|http://.*security.ubuntu.com|http://mirrors.aliyun.com|g' /etc/apt/sources.list

Method 2: Manual edit

sudo vim /etc/apt/sources.list

Delete original content, replace with (Ubuntu 22.04 example):

deb http://mirrors.aliyun.com/ubuntu/ jammy main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ jammy-backports main restricted universe multiverse

Version codenames:

• Ubuntu 22.04: jammy
• Ubuntu 20.04: focal
• Ubuntu 18.04: bionic

3. Update Package Sources

sudo apt update && sudo apt upgrade -y

4. Verify Effectiveness

cat /etc/apt/sources.list | grep mirrors.aliyun.com

If you see mirrors.aliyun.com, configuration succeeded.

CentOS/RHEL Configure Aliyun Mirror

1. Backup Original Sources

sudo cp /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.bak

2. Download Aliyun Mirror Config

CentOS 7:

sudo curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo

CentOS 8:

sudo curl -o /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-8.repo

3. Clean and Update Cache

sudo dnf clean all
sudo dnf makecache

4. Verify Effectiveness

dnf repolist

If you see mirrors.aliyun.com, configuration succeeded.

Other Domestic Mirrors

• Tsinghua University Mirror: https://mirrors.tuna.tsinghua.edu.cn/
• USTC Mirror: https://mirrors.ustc.edu.cn/
• NetEase Mirror: http://mirrors.163.com/

Configuration method is similar, just replace URLs with corresponding mirror sites.

---

Building from Source: From configure to make install

Sometimes package repository versions are too old, or you need custom compilation options (like enabling a module, optimizing performance), requiring building from source.

The Three-Step Build Process

1. ./configure: Check system environment, generate Makefile
2. make: Compile source code according to Makefile
3. make install: Install compiled files to system

Hands-On: Compiling Nginx (Tengine)

Tengine is Taobao's Nginx fork with enhanced performance and features.

1. Install Build Dependencies

sudo apt install build-essential libpcre3 libpcre3-dev libssl-dev zlib1g-dev  # Debian/Ubuntu
sudo dnf install gcc make pcre-devel openssl-devel zlib-devel  # CentOS/RHEL

2. Download Source Code

wget http://tengine.taobao.org/download/tengine-2.3.3.tar.gz
tar -zxvf tengine-2.3.3.tar.gz
cd tengine-2.3.3

3. Configure Build Parameters (./configure)

./configure \
  --prefix=/usr/local/nginx \
  --with-http_ssl_module \
  --with-http_v2_module \
  --with-http_realip_module \
  --with-http_gzip_static_module

Common parameters:

• --prefix=PATH: Installation path (default /usr/local/nginx)
• --with-http_ssl_module: Enable HTTPS support
• --with-http_v2_module: Enable HTTP/2 support
• --with-http_realip_module: Get real client IP (suitable for reverse proxy)

What does ./configure do?

• Checks if system has required libraries (like OpenSSL, PCRE, zlib)
• Generates Makefile (build configuration file) based on your parameters
• If dependencies are missing, will error and prompt installation

4. Compile (make)

make -j$(nproc)  # Use all CPU cores for parallel compilation (speedup)

What does make do?

• Reads Makefile, compiles source code in order
• Generates executable files (like objs/nginx)
• If compilation fails, check for missing dependencies or incorrect parameters

5. Install (make install)

sudo make install

What does make install do?

• Copies compiled files to directory specified by --prefix (like /usr/local/nginx)
• Creates necessary directory structure (conf/, logs/, html/, sbin/)
• Won't create systemd service file (needs manual creation)

6. Start Nginx

/usr/local/nginx/sbin/nginx  # Start
/usr/local/nginx/sbin/nginx -s stop  # Stop
/usr/local/nginx/sbin/nginx -s reload  # Reload config

7. Create systemd Service (Optional)

Create /etc/systemd/system/nginx.service:

[Unit]
Description=Nginx HTTP Server
After=network.target

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecReload=/usr/local/nginx/sbin/nginx -s reload
ExecStop=/usr/local/nginx/sbin/nginx -s stop
PrivateTmp=true

[Install]
WantedBy=multi-user.target

Then enable:

sudo systemctl daemon-reload
sudo systemctl enable nginx
sudo systemctl start nginx

---

Binary Portable Configuration: Java Example

Some software (like Java, Go, Node.js) provides pre-compiled binary packages, extract-and-use, no installation needed.

Hands-On: Configure Java Environment

1. Download JDK

Download JDK from Oracle official site or open-source mirrors (like jdk-17_linux-x64_bin.tar.gz).

2. Extract to /opt

sudo tar -zxvf jdk-17_linux-x64_bin.tar.gz -C /opt
sudo mv /opt/jdk-17* /opt/jdk-17  # Rename to shorter path

3. Configure Environment Variables

Edit ~/.bashrc (or /etc/profile for all users):

export JAVA_HOME=/opt/jdk-17
export PATH=$JAVA_HOME/bin:$PATH

4. Make Config Effective

source ~/.bashrc

5. Verify

java -version
javac -version

If version numbers display, configuration succeeded.

---

Package Management Best Practices

1. Regularly Update System

sudo apt update && sudo apt upgrade -y  # Debian/Ubuntu
sudo dnf upgrade -y  # CentOS/RHEL

Frequency: Recommend updating weekly or monthly to promptly fix security vulnerabilities.

2. Clean Unused Packages and Cache

sudo apt autoremove && sudo apt autoclean  # Debian/Ubuntu
sudo dnf autoremove && sudo dnf clean all  # CentOS/RHEL

3. Lock Critical Software Versions

If upgrading 某个软件 might cause compatibility issues (like databases, kernels), recommend locking version:

sudo apt-mark hold mysql-server  # Debian/Ubuntu
sudo dnf versionlock add mysql-server  # CentOS/RHEL

4. Don't Mix Package Managers and Compiled Installations

Problem: If you install nginx with apt, then also install nginx compiled from source, conflicts occur (two nginx might listen on same port, config file locations differ).

Recommendation:

• Prefer package manager (apt/dnf) installation (easy to update and uninstall)
• Only build from source when package manager version is too old or lacks features
• If building from source, recommend installing to /opt or /usr/local (avoid path conflicts with package manager)

5. Backup Important Configs

Backup before modifying config files:

sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak

6. Use Virtual Environments (Python/Node.js)

Python and Node.js have their own package managers (pip/npm), recommend using virtual environments to isolate project dependencies:

• Python: python3 -m venv venv
• Node.js: nvm or n to manage Node.js versions

---

Summary and Further Reading

This article covers the core content of Linux package management: 1. ✅ Basic package concepts (what's in a package, why we need package managers) 2. ✅ Debian/Ubuntu package management (apt/dpkg common operations and advanced usage) 3. ✅ RHEL/CentOS package management (yum/dnf/rpm common operations and advanced usage) 4. ✅ Configure domestic mirrors (Aliyun mirror, Tsinghua mirror) 5. ✅ Building from source (using Nginx as example, explaining configure/make/make install) 6. ✅ Binary portable configuration (using Java as example) 7. ✅ Package management best practices (cleanup, version locking, avoiding conflicts)

Further Reading:

• Debian Package Management Manual: https://www.debian.org/doc/manuals/debian-reference/ch02
• RPM Packaging Guide: https://rpm-packaging-guide.github.io/
• DNF Official Documentation: https://dnf.readthedocs.io/

Next Steps:

• 《 Linux Process and Resource Management 》: Learn how to monitor and limit process CPU/memory usage
• 《 Linux User Management 》: Learn how to manage users/groups/permissions

---

By this point, you should have upgraded from "can install packages" to "can configure mirrors, can build from source, can troubleshoot dependency conflicts." Package management is a fundamental Linux operations skill; mastering it allows you to better manage servers.