Managing Software - Getting Started - Ubuntu 15.04 Server with systemd: Administration and Reference (2015)

Ubuntu 15.04 Server with systemd: Administration and Reference (2015)

Part I. Getting Started

Chapter 4. Managing Software

Installing software is an administrative function performed by a user with administrative access. Unless you chose to install all your packages during your installation, only some of the many applications and utilities available for users on Linux were installed on your system. On Ubuntu, you can easily install or remove software from your system with the apt-get command, or, from the desktop, the Synaptic Package Manager. Alternatively, you can install software by downloading and compiling its source code.

APT (Advanced Package Tool) is integrated as the primary installation package tool. When you install a package with apt-get , the Ubuntu Software Center, or the Synaptic Package Manager, APT will be invoked and it will automatically select and download the appropriate packages from the online repository.

A DEB software package includes all the files needed for a software application. A Linux software application often consists of several files that must be installed in different directories. The program itself is most likely placed in a directory called /usr/bin; online manual files go in another directory, and library files go in yet another directory.

When you select a package for download, APT will install any additional dependent (required) packages. APT will also install all recommended packages by default. Many software applications have additional features that rely on recommended packages.

Ubuntu Package Management Software

Though all Ubuntu software packages have the same DEB format, they can be managed and installed using different package management software tools. The primary software management tool is APT. Some tools will operate on the command line interface, while others only work on the desktop.

Check the Ubuntu Server Guide | Package Management for basic command line software operations and repository configuration.

Command Line interface tools

If you installed the Ubuntu Server CD, you will only have access to the following command line interface based tools.

tasksel Cursor-based screen for selecting package groups and particular servers. This tool will work on the command-line interface installed by the Ubuntu Server CD. You can also run it in a terminal window on a desktop. Use arrow keys to move to and entry, the spacebar to select it, the Tab key to move to the OK button. Press ENTER on the OK button to perform your installs.

aptitude Front end for tools like dpkg or apt-get, screen based, uses own database, /var/lib/aptitude.

apt-get primary command line tool to install, update, and remove software, uses own database, /var/lib/apt/, repository info at /var/cache/apt.

dpkg older command line tool to install, update, remove, and query software packages. Uses own database, /var/lib/dpkg, repository info at /var/cache/apt, the same as APT.

Desktop tools

If you installed the Ubuntu Desktop DVD or one of its variations like Kubuntu, you will have access to the following desktop interface tools, as well as using a terminal window to run the previously listed command line tools.

APT (Advanced Package Tool): The Synaptic Package Manager, the Ubuntu Software Center, update-manager, dpkg, and apt-get are front ends for APT.

Ubuntu Software Center: GNOME Graphical front end for managing packages, repository info at /var/cache/apt, same as APT

Update Manager: Ubuntu graphical front end for updating installed software, uses APT.

Synaptic Package Manager: Graphical front end for managing packages, repository info at /var/cache/apt, same as APT. Ubuntu no longer supports it.

Muon is the KDE software manager, a graphical front end for APT.

Ubuntu Software Repositories

There are four main components or sections to the Ubuntu repository: main, restricted, universe, and multiverse. These components are described in detail at:

A complete listing of software packages for the Ubuntu distribution, along with a search capability is located at:

Repository Components

The following repository components are included in the main Ubuntu repository:

main: Officially supported Ubuntu software (canonical), includes GStreamer Good plug-ins.

restricted: Commonly used and required for many applications, but not open source or freely licensed, like proprietary graphics card drivers from Nvidia and ATI, needed for hardware support. Because they are not open source, they are not guaranteed to work.

universe: All open source Linux software not directly supported by Ubuntu includes GStreamer Bad plug-ins.

multiverse: Linux software that does not meet licensing requirements and is not considered essential. It may not necessarily work. For example, the GStreamer ugly package is in this repository. Check /about-ubuntu/licensing.


In addition to the Ubuntu repository, Ubuntu maintains several other repositories used primarily for maintenance and support for existing packages. The updates repository holds updated packages for a release. The security updates repository contains critical security package updates every system will need.

Ubuntu repository: Collection of Ubuntu-compliant software packages for releases organized into main, universe, multiverse, and restricted sections.

Updates: Updates for packages in the main repository, both main and restricted sections.

Backports: Software under development for the next Ubuntu release, but packaged for use in the current one. Not guaranteed or fully tested. Backports access is now enabled by default.

Security updates: Critical security fixes for main repository software.

Partners: Third party proprietary software tested to work on Ubuntu. You need to authorize access manually.

The Backports repository provides un-finalized or development versions for new and current software. They are not guaranteed to work, but may provide needed features.

Ubuntu Repository Configuration file: sources.list and sources.list.d

Repository configuration is managed by APT using configuration files in the /etc/apt directory. The /etc/apt/sources.list file holds repository entries. The main and restricted sections are enabled by default. An entry consists of a single line with the following format:

format URI release section

The format is normally deb, for Debian package format. The URI (universal resource identifier) provides the location of the repository, such as an FTP or Web URL. The release name is the official name of a particular Ubuntu distribution like vivid or oneric. Ubuntu 15.04 has the name vivid. The section can be one or more terms that identify a section in that release's repository. There can be more than one term used to specify a section, like main and restricted to specify the restricted section in the Ubuntu repository. The Multiverse and Universe sections can be specified by single terms: universe and multiverse. You can also list individual packages if you want. The entry for the Vivid restricted section is shown here.

deb vivid main restricted

Corresponding source code repositories will use a deb-src format.

deb-src vivid main restricted

The update repository for a section is referenced by the -updates suffix, as in vivid-updates.

deb vivid-updates main restricted

The security repository for a section is referenced with the suffix -security, as vivid-security.

deb vivid-security main restricted

Both Universe and Multiverse repositories should already be enabled. Each will have an updates repository as well as corresponding source code repositories, like those shown here for Universe.

deb vivid universe
deb-src vivid universe
deb vivid-updates universe
deb-src vivid-updates universe

The Backports repository is now enabled by default on the Ubuntu server. It holds applications being developed for future Ubuntu releases and may not work well.

Comments begin with a # mark. You can add comments of your own if you wish. Commenting an entry effectively disables that component of a repository. Placing a # mark before a repository entry will effectively disable it.

Commented entries are included for the extras and Canonical partners repositories. The extras repository provides third party software. Partners include companies like Adobe, VMware, and Parallels.

Most entries, including third-party entries for Ubuntu partners, can be managed using Software & Updates. The backports entry requires that you edit the sources.list file. You can edit the file directly with the following command.

sudo nano /etc/apt/sources.list

Remove the # at the beginning of the line to activate a repository such as partners.

# deb vivid partner

Repository information does not have to be added to the sources.list file directly. It can also be placed in a text file in the /etc/apt/sources.list.d directory, which APT will read as if part of the sources.list file. Editing such an important file always involves the risk of incorrectly changing the entries.

Software Management with Tasksel, DEB, APT, and DKPG

Both the Debian distribution and Ubuntu use the Debian package format (DEB) for their software packages. Two basic package managers are available for use with Debian packages: the Advanced Package Tool (APT) and the Debian Package tool (dpkg). APT is designed to work with repositories and is used to install and maintain all your package installations on Ubuntu. Though you can install packages directly as single files with just dpkg, it is always advisable to use APT. Information and package files for Ubuntu compliant software can be obtained from

You can also download source code versions of applications, and then compile and install them on your system. Where this process once was complex, it has been significantly streamlined with the use of configure scripts. Most current source code, including GNU software, is distributed with a configure script. The configure script automatically detects your system configuration and generates a Makefile, which is used to compile the application and create a binary file that is compatible with your system. In most cases, with a few Makefile operations you can compile and install complex source code on any system.

Installing from source code requires that supporting development libraries and source code header files be installed. You can do this separately for each major development platform, like GNOME, KDE, or just the kernel. Alternatively you can run the APT metapackage build-essentialfor all the Ubuntu development packages. You will only have to do this once.

sudo apt-get install build-essential

DEB Software Packages

A Debian package will automatically resolve dependencies, installing any other needed packages instead of simply reporting their absence. Packages are named with the software name, the version number, and the .deb extension. Check for more information. File name format is as follows:

the package name

version number

distribution label and build number. Packages created specifically for Ubuntu will have the ubuntu label here. Attached to it will be the build number, the number of times the package was built for Ubuntu.

architecture The type of system on which the package runs, like i386 for Intel 32-bit x86 systems, or amd64 for both Intel and AMD 64-bit systems, x86_64.

package format. This is always deb

For example, the package name for 3dchess is 3dchess, with a version and build number 0.8.1-17, and an architecture amd64 for a 64 bit system.


The following package has an ubuntu label, a package specifically created for Ubuntu. The version number is 1.21 and build number is 11, with the Ubuntu label ubuntu1. The architecture is i386 for a 32-bit system.


Installing and Removing Software with tasksel

The easiest way to install server packages is to use tasksel, which will display a list of all your server metapackages, as well as all other meta-packages on your configured repositories. To run tasksel, enter the tasksel command at the shell prompt. If you are using a desktop, open a terminal window and enter the tasksel command.

sudo tasksel

Should you want to quit tasksel without installing or removing any software, tab to the OK button and press ENTER. The tasksel application ends, and you return to the shell prompt.

The tasksel tool displays a keyboard-based dialog listing the server and package collections (see Figure 4-1 ). Those already installed have an asterisk next to their entries. Use the arrow keys to move to an entry and press the spacebar to select it. When you have made all your selections, use the Tab key to move to the OK button. Then press the ENTER key to install the selected software.

Figure 4-1: Tasksel server and meta package installation

You can also use tasksel to uninstall packages. Installed packages will have an asterisk next to them. Move to the package you want to remove and press the spacebar. The asterisk will disappear, leaving you with empty brackets. Tab to the OK button and press ENTER. An installation window is displayed, and the de-selected package collections are removed.

The last entry in the tasksel is Manual Page Selection. Selecting this entry opens the Aptitude package manager (discussed in the next section), which provides you with a screen-based interface to install, remove, and update individual packages.

The tasksel dialog displays an extensive list of package collections covering the Internet servers, the Ubuntu desktops and desktop derivatives, and even graphics and multimedia packages. The desktops will install a complete desktop system, such as the Ubuntu desktop which includes the LightDM. If you install a desktop, the X server and the desktop interface is started up automatically, just as if you installed from the Ubuntu desktop DVD, instead of from the server CD. You will still be using the server kernel, though.

If you already know the name of the server or package collection you want to install, you can use tasksel command with the install option and the package name to install the package directly. You would not have to use the screen interface. The package names are usually the same as those listed on the screen interface, but in lower case with a dash connecting the words, as in samba-server for Samba server. The option --list-tasks lists the server and meta package names with their associated descriptions used on the screen interface. The following command directly installs the Samba server.

sudo tasksel install samba-server

You can use the remove option to remove server or meta package. Check the tasksel Man page for a complete set of options. The following example removes the DNS server (BIND).

sudo tasksel remove dns-server

Managing software with Aptitude

The Aptitude software tool provides a keyboard based screen interface on command line interfaces for managing software. Because of its easy-to-use screen interface, Aptitude is a very effective package management tool for Ubuntu server installs that do not have a desktop.

Check the Ubuntu Server Guide | Package Management | Aptitude for basic operations.




Access menu, the Ctrl-t will toggle between the menu and the main screen. Menu entries will also show equivalent key operations.

Arrow and Page up/down

Move to a selection


Expand a category or open a package description


Quit the current screen. If only one screen is open, quit Aptitude


Mark a package for installation


Mark a package for removal

g g

Install and removed marked packages, the first g displays a preview showing what packages will be installed and removed. Pressing g again performs the actual install and remove operations. Press q on the preview screen to leave the preview and not perform any install and remove operations.


Search for a package, the Find operation


Update the package list


Mark packages to be updated for updating, use gg to perform the actual update.


Display the list of key commands

F6 and F7

Move forward and backward between tabs (screens)

Table 4-1: Aptitude key commands

A menu bar at the top lets you use your arrow keys to select menus and entries for package management, searching, and views (see Figure 4-2 ). You use the Ctrl-t keys to access the menu, and the arrow keys to move to different menus. To quit aptitude just press the q key if only one screen is open. Aptitude can have several screens open at the same time, though only one is shown at a time. The tabs for the screens are listed under the menubar. As you open a new screen, its label will be displayed below the menu. Pressing the q key will close the current screen, and, if there is only one screen open, will quit from Aptitude. To move from one tab screen to another, use the F6 and F7 keys. To see a listing of all the key commands, press the ? key. Several commonly used key commands are listed in Table 4-1 .

You start Aptitude by entering the sudo aptitude command on the command line. On desktops open a terminal window.

sudo aptitude

The screen will have two main views, the top one listing packages by category, and the bottom one displaying information about a selected package or category. On the top view, use the arrow keys to move to an entry, and then press the ENTER key to expand an entry. Categories will expand to a package listing, and packages will open a detailed description, along with a listing of dependent packages. Use the + key to mark a package for installation, and the - key to mark an installed package for removal. You can also use the Package menu's Install and Remove entries.

Figure 4-2: Aptitude package manager




Installed package


Package not installed, but package configuration remains on system


Purged from system


Virtual package


Broken package


Unpacked files, but package not yet configured


Half-configured - Configuration failed and requires fix


Half-installed - Removal failed and requires fix

Table 4-2: Aptitude package codes

Each package entry begins with a letter denoting the package state. Uninstalled packages will be labeled with a p indicating a purged package, one not on the system. Installed packages will have the letter i. Packages marked for installation or removal will have an additional letter indicating an action yet to be taken. When a package is marked for installation it will have both a p and i (see Figure 4-3 ), as shown here for the alien package entry. Table 4-2 lists the package codes for Aptitude.

Figure 4-3: Aptitude: selecting packages

Figure 4-4: Aptitude: installing packages

Once you have selected packages for installation (or removal), press the g key. A preview of the packages to be installed and removed will be listed (see Figure 4-4 ). Then press the g key again; you will need to press g twice to install. Aptitude will change to the shell interface, displaying the download, unpack, and setup messages as packages are being installed. You will then be prompted to press return (the ENTER key), to return to the Aptitude interface. To install you could also select the Actions | Install/remove packages menu entry twice.

If you know the package name, you can search for it to locate it more easily. To open a search window, press the / key (or from the menubar (Ctrl-t) use the right arrow key to move to the Search menu and select Find). Type in your search and press ENTER. The selected package will be listed and highlighted.

In Figure 4-4 , you will also see that two tabs (screens) are actually open, Packages and Preview. The Preview tab is currently displayed. You can use the F7 and F6 keys to move to the other tab (Packages) and back again. Use the q key to close a tab. With the Preview tab open, pressingq will quit and close the Preview screen.

Managing software with APT

APT is designed to work with repositories, and will handle any dependencies for you. It uses dpkg to install and remove individual packages, but can also determine what dependent packages need to be installed, as well as query and download packages from repositories. Several popular tools for APT let you manage your software easily, like the Synaptic Package Manager, the Ubuntu Software Center, and aptitude. The Ubuntu Software Center and the Synaptic Package Manager rely on a desktop interface like GNOME. If you are using the command line interface, you can use apt-get to manage packages. Using the apt-get command on the command line you can install, update, and remove packages. Check the apt-get man page for a detailed listing of apt-get commands (see Table 4-3 ).

apt-get command package




Download and resynchronize the package listing of available and updated packages for APT supported repositories. APT repositories updated are those specified in /etc/apt/sources.list


Update packages, install new versions of installed packages if available.


Update (upgrade) all your installed packages to a new release


Install a specific package, using its package name, not full package file name.


Remove a software package from your system.


Download and extract a source code package


Check for broken dependencies


Removes the downloaded packages held in the repository cache on your system. Used to free up disk space.

Table 4-3: apt-get commands

The apt-get command takes two arguments: the command to perform and the name of the package. Other APT package tools follow the same format. The command is a term such as install for installing packages, or remove to uninstall a package. Use the install, remove, or updatecommands respectively. You only need to specify the software name, not the package's full file name. APT will determine that. To install the alien package you would use:

sudo apt-get install alien

To make sure that apt-get has current repository information, use the apt-get update command.

sudo apt-get update

To remove packages, you use the remove command.

sudo apt-get remove alien

You can use the -s option to check the install operation without performing the actual installation. This allows you to check whether any dependency problems exist. For remove operations you can use -s to find out first what dependent packages will also be removed.

sudo apt-get remove -s alien

A complete log of all install, remove, and update operations are kept in the /var/log/dpkg.log file. You can consult this file to find out exactly what files were installed or removed.

Configuration for APT is held in the /etc/apt directory. Here the sources.list file lists the distribution repositories from where packages are installed. Source lists for additional third-party repositories are kept in the /etc/sources.list.d directory. GPG (GNU Privacy Guard) database files hold validation keys for those repositories. Specific options for apt-get are can be found in the /etc/apt.conf file or in various files located in the /etc/apt.conf.d directory.

Updating packages (Upgrading) with apt-get

The apt-get tool also lets you easily update your entire system at once. The terms update and upgrade are used differently from other software tools. In apt-get, the update command just updates your package listing, checking for packages that may need to install newer versions, but not installing those versions. Technically, it updates the package list that APT uses to determine what packages need to be updated. The term upgrade is used to denote the actual update of a software package; a new version is downloaded and installed. What is referred to as updating by apt-get, other package managers refer to as obtaining the list of software packages to be updated. In apt-get, upgrading is what other package managers refer to as performing updates.

TIP: The terms update and upgrade can be confusing when used with apt-get. The update operation updates the Apt package list only, whereas an upgrade actually downloads and installs updated packages.

Upgrading is a simple matter of running apt-get with the upgrade command. With no package specified, using apt-get with the upgrade command will upgrade your entire system. Add the -u option to list packages as they are upgraded. First, make sure your repository information (package list) is up to date with the update command, then issue the upgrade command.

sudo apt-get update
sudo apt-get -u upgrade

For automatic updates, install the unattended-upgrades package if you have not done so already.

sudo apt-get install unattended-upgrades

Security updates are enabled by default. To configure updates, you edit the /etc/apt/apt.conf.d/50unattended-upgrades file.

sudo nano /etc/apt/apt.conf.d/50unattended-upgrades

To allow updates, remove the preceding comment characters (//) from the "${distro_id} ${distro_codename}-updates" entry in the Unattended-Upgrade::Allowed-Origins section.

Unattended-Upgrade::Allowed-Origins {
"${distro_id} ${distro_codename}-security";
// "${distro_id} ${distro_codename}-updates";
// "${distro_id} ${distro_codename}-proposed";
// "${distro_id} ${distro_codename}-backports";

In the /etc/apt/apt.conf.d/10periodic file you can specify the frequency of the updates as well as the download and package list update frequency.

APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";

To be notified of updates, install the apticron package.

sudo apt-get install apticron

Edit the /etc/apticron/apticron.conf file to set notification options such as the email address to sent notification messages to.

Command Line Search and Information: dpkg-query and apt-cache tools

The dpkg-query command lets you list detailed information about your packages. It operates on the command line (terminal window). Use dpkg-query with the -l option to list all your packages.

dpkg-query -l

The dpkg command can operate as a front end for dpkg-query, detecting its options to perform the appropriate task. The preceding command could also be run as:

dpkg -l

Listing a particular package requires and exact match on the package name, unless you use pattern matching operators. The following command lists the wine package (Windows Compatibility Layer).

dpkg-query -l wine

A pattern matching operator, such as *, placed after a pattern will display any packages beginning with the specified pattern. The pattern with operators needs to be placed in single quotation marks to prevent an attempt by the shell to use the pattern to match on filenames on your current directory. The following example finds all packages beginning with the pattern "wine". This would include packages with names such as wine-doc and wine-utils.

dpkg-query -l 'wine*'

You can further refine the results by using grep to perform an additional search. The following operation first outputs all packages beginning with wine, and from those results, the grep operations lists only those with the pattern dev in their name, such as wine-dev.

dpkg -l 'wine*' | grep 'dev'

Use the -L option to list only the files that a package has installed.

dpkg-query -L wine

To see the status information about a package, including its dependencies and configuration files, use the -s option. Fields will include Status, Section, Architecture, Version, Depends (dependent packages), Suggests, Conflicts (conflicting packages), and Conffiles (configuration files).

dpkg-query -s wine

The status information will also provide suggested dependencies. These are packages not installed, but likely to be used. For the wine package, the msttcorefonts Windows fonts package is suggested.

dpkg-query -s wine | grep Suggests

Use the -S option to determine to which package a particular file belongs to.

dpkg-query -S filename

You can also obtain information with the apt-cache tool. Use the search command with apt-cache to perform a search.

apt-cache search wine

To find dependencies for a particular package, use the depends command.

apt-cache depends wine

To display just the package description, use the show command.

apt-cache show wine

Note: With the Aptitude software manager, you can use the aptitude command with the search and show options to find and display information about packages.

Source code files

Though you can install source code files directly, the best way to install one is to use apt-get. Use the source command with the package name. Packages will be downloaded and extracted.

sudo apt-get source alien

The --download option lets you just download the source package without extracting it. The --compile option will download, extract, compile, and package the source code into a Debian binary package, ready for installation.

No dependent packages will be downloaded. If you have a software package that requires any dependent packages to run, you will have to download and compile those also. To obtain needed dependent files, use the build-dep option. All your dependent files will be located and downloaded for you automatically.

sudo apt-get build-dep alien

Managing Software from the Ubuntu Desktop

If you have install the Ubuntu desktop (either from the Server install or directly from a Desktop DVD), you can use desktop-based software management tools for installing, updating, and removing software.

Repositories managed from Ubuntu Desktop: Software & Updates

If you have installed a desktop interface, you can manage your repositories with the Software & Updates dialog (formerly Software Sources), allowing you to enable or disable repository sections, as well as add new entries. This dialog edits the /etc/apt/sources.list file directly. You can access Software & Updates from the Applications lens, System filter. You can also access it on the Ubuntu Software Center from the Edit menu, and on the Synaptic Package Manager from the Settings menu as the Repositories entry. The Software & Updates dialog displays five tabs: Ubuntu Software, Other Software, Updates, Authentication, and Statistics (see Figure 4-5 ). The Ubuntu Software tab lists all the Ubuntu repository section entries. These include the main repository, universe, restricted, and multiverse, as well as source code. Those that are enabled will be checked. Initially all of them, except the source code, will be enabled. You can enable or disable a repository section by checking or un-checking its entry. You can select the repository server to use from the “Download from” drop-down menu.

Figure 4-5: Software & Updates Ubuntu Software repository sections.

On the Other Software tab, you can add repositories for third-party software (see Figure 4-6 ). The repository for Ubuntu partners will already be listed, but not checked. Check that entry if you want access to software from the Partners repository such as Adobe reader. To add a third-party repository manually, click the Add Volume button. This opens a dialog where you enter the complete APT entry, starting with the deb format, followed by the URL, release, and sections or packages. This is the line as it will appear in the /etc/apt/sources.list file. Once entered, click the Add Source button.

Figure 4-6: Software & Updates Other Software configuration

The Updates tab lets you configure how updates are handled (see Figure 4-7 ). The tab specifies both your update repositories and how automatic updates are managed. You have the option to install Important Security Updates (vivid-security), Recommended Updates (vivid-updates), Pre-released Updates (vivid-proposed), and Unsupported Updates (vivid-backports). The Important Security and Recommended updates will already be selected; these cover updates for the entire Ubuntu repository. Pre-released and unsupported updates are useful if you have installed any packages from the backports or pre-release repositories.

Figure 4-7: Software & Updates Update configuration

Your system is already configured to check for updates automatically on a daily basis. You can opt not to check for updates at all by un-checking the “Check for updates” check box. You also have options for how updates are handled. You can install any security updates automatically, without confirmation. You can download updates in the background. Or you can just be notified of available updates, and then choose to install them when you want. The options are exclusive.

On this tab, you also can choose what releases to be notified of: the LTS releases only, all releases, or none.

The Authentication tab shows the repository software signature keys that are installed on your system (see Figure 4-8 ). Ubuntu requires a signature key for any package that it installs. Signature keys for all the Ubuntu repositories are installed, and are listed on this tab, including your CD/DVD disc.

Figure 4-8: Software & Updates Authentication, package signature keys

Most other third party or customized repositories will provide a signature key file for you to download and import. You can add such keys manually from the Authentication tab. Click the Import Key File to open a file browser where you can select the downloaded key file. This procedure is the same as the apt-key add operation. Both add keys that APT then uses to verify DEB software packages downloaded from repositories before it installs them.

After you have made changes and click the Close button, the Software & Updates tool will notify you that your software package information is out of date, displaying a Reload button. Click the Reload button to make the new repositories or components available on your package managers, like the Ubuntu Software Center and the Synaptic Package Manager. You also can reload your repository configuration by running apt-get update, clicking the Reload button on the Synaptic Package Manager, or clicking the Check button on the Software updater.

Managing Packages with the Ubuntu Software Center

To perform simple installation and removal of software, you can use the Ubuntu Software Center, which is the primary supported package manager for Ubuntu. The Ubuntu Software Center is designed to be the centralized utility for managing all your software. The Ubuntu Software Center is also a store for commercial Ubuntu applications. For more details on the Ubuntu Software Center, open the Ubuntu Help dialog by choosing Ubuntu Software Center Help from the Ubuntu Software Center's Help menu.

To use the Ubuntu Software Center, click the Ubuntu Software Center icon on the Launcher or from the System dash. The Ubuntu Software Center displays a toolbar, a side panel on the left showing categories and software lists (see Figure 4-9 ).

The "What's New" and "Top Rated" sections at the right provide a listing of new and popular applications. Click on an icon to display its information tab where you can install the application or link to its web site. Click the More button at the top right of each section to open a full listing of new and top-rated software. The "Recommended For You" feature lists applications you may be interested in based on software you have installed. Click the "Turn on Recommendations" link to turn this feature on (also, you can choose Turn On Recommendations from the View menu).

Figure 4-9: Ubuntu Software Center

The toolbar provides forward and back buttons for moving through previously viewed software listing and search results. On the toolbar, software icons and menus let you choose the software categories you want to view or search. The All Software icon displays all available software. A drop-down menu to the right of the icon lets you limit your views and searches to certain software categories such as "Provided by Ubuntu" for Ubuntu supported software, "Canonical Partners" for software available from Ubuntu partners like Adobe, and "For Purchase" for software you can purchase.

Clicking the All Software icon displays the listing of software categories, such as Office, Graphics, Internet, and System on a left sidebar. Clicking on a category will list the available software with a brief description of each (see Figure 4-10 ). Some categories will have subcategories such as Drawing and Viewers for Graphics (see Figure 4-11 ). You can scroll down the list to find the package you want. Installed software will have a green check mark emblem displayed on their small icon. To display the sidebar of software categories again, just click on the All Software button.

Figure 4-10: Ubuntu Software Center package listing

Figure 4-11: Ubuntu Software Center sub-categories

To install a package, first locate it. Once you have found your package, you can click it to display an Install button on the right side, which you click to install (see Figure 4-10 ). An install process entry is displayed on the left sidebar as the package is installed.

Should you want more information about a package, click the More Info button to open a new tab for that application. The application tab for an uninstalled package will have an Install button and display a detailed description of the application, along with the License and Price, if any (see Figure 4-12 ). For software on the Ubuntu repository, most have an Open Source license and the software is free. You can click the Website link to access the application's Web site, which may provide detailed documentation. If an application thumbnail is displayed, you can click on it to display the full image. Under the Add-ons heading is a list of associated software designed to work with your application. Packages installed already are marked. To install an additional software package, click on its checkbox. An Apply Changes button appears above the Add-ons list, which you then click.

Figure 4-12: Ubuntu Software Center application

The "People Also Installed" section lists applications that others users who installed the package have also installed. These popular applications are similar or complementary to the package.

Version, License, size, and update information are then listed. The update information indicates whether it is supported by the Ubuntu repository. If Canonical does not provide critical updates, the package is part of the Universe or Multiverse repositories. User reviews follow, providing information about the software's stability and usefulness.

You also can install the application from this page by clicking the Install button (if the application is already installed, a Remove button is shown). You are prompted to enter your password. You also can choose the Install item on the File menu to install the application (File | Install).

A progress bar on the Info page will show the download and install progress. A "Progress" icon also appears in the toolbar. Clicking on it displays the progress bar and the package name (see Figure 4-13 ). When installation takes place, the Launcher item for that application is placed on the Launcher. A progress bar on the Launcher item shows the install progress (see Figure 4-13 ). When installation is finished, the Launcher item is placed on the Launcher for that session. You can have it stay on the Launcher permanently by choosing "Lock to launcher" entry on its quicklist.

Figure 4-13: Ubuntu Software Center and Launcher item download and install progress

When finished, the application page displays a Remove button and a green check mark with the installed label and the date (see Figure 4-14 ). The entry in the list of applications also will have a green checkmark emblem indicating that the application is installed.

Figure 4-14: Ubuntu Software Center installed application

To remove a package, first locate it in the package lists and select it. A Remove button will appear which you can click to remove it. You also can use the Remove button on the application's Info page.

You can perform a search using the Search box. The search is performed on the description and the package name. To remove the search list and return to the All Software page, click the x button icon on the right side of the search box. Searches can be carried out within categories and subcategories. To search globally, search from the "All Software" page. In Figure 4-15 all vector related applications are listed.

Figure 4-15: Ubuntu Software Center search

If you have selected a category and are displaying a category page like Graphics, then the search will be performed only on the packages in that category. In Figure 4-16 only vector applications in the Graphics | Drawing subcategory are listed.

Figure 4-16: Ubuntu Software Center search within a category

On the Ubuntu Software Center toolbar, the Installed icon lists installed software, with a drop-down menu for installed Ubuntu, Partner, and Purchased software. Software categories such as Graphics and Office are listed, which you can expand to show those packages installed (seeFigure 4-17 ).

On the toolbar, the History icon displays a list of all package changes, installations, updates, and removals.

The Ubuntu Software Center is a front end for the APT package manager. When you install a package with the Ubuntu Software Center, APT is invoked and automatically selects and downloads the package from the appropriate online repository.

Figure 4-17: Ubuntu Software Center installed software

The packages listed in the Ubuntu Software Center are set up using the app-install-data packages, accessible through the Synaptic Package Manager. The app-install-data and app-install-data-partner packages will already be installed. These list the commonly used packages on the Ubuntu repository. In addition, you can install the app-install-data-edubuntu package to list edubuntu educational packages.

Synaptic Package Manager

The Synaptic Package Manager has been replaced by the Ubuntu Software Center as the primary package manager. It is not installed by default. Synaptic is no longer supported by Ubuntu, though support is still provided by the Ubuntu community. Packages are listed by name and include supporting packages like libraries and system critical packages. Once installed, you can access the Synaptic Package Manager on the System dash.

The Synaptic Package Manager displays three panes: a side pane for listing software categories and buttons, a top pane for listing software packages, and a bottom pane for displaying a selected package's description. When a package is selected, the description pane also displays a Get Screenshot button. Clicking this button will download and display an image of the application, if there is one. Click the Get Changelog button to display a window listing the application changes.

Buttons at the lower left of the Synaptic Package Manager window provide options for organizing and refining the list of packages shown (see Figure 4-18 ). Five options are available: Sections, Status, Origin, Custom Filters, and Search results. The dialog pane above the buttons changes depending on which option you choose. Clicking the Sections button will list section categories for your software such as Base System, Communications, and Development. The Status button will list options for installed and not installed software. The Origin button shows entries for different repositories and their sections, as well as those locally installed (manual or disc based installations). Custom filters lets you choose a filter to use for listing packages. You can create your own filter and use it to display selected packages. Search results will list your current and previous searches, letting you move from one to the other.

Figure 4-18: Synaptic Package Manager: Quick search

The Sections option is selected by default (see Figure 4-19 ). You can choose to list all packages, or refine your listing using categories provided in the pane. The All entry in this pane will list all available packages. Packages are organized into categories such as Base System, Cross Platform, and Communications. Each category is, in turn, subdivided by multiverse, universe, and restricted software.

To perform a quick search, enter the pattern to be searched for in the "Quick search" box and the results will appear. In Figure 4-18 the inkscape pattern is used to locate the Inkscape graphics software. Quick searches will be performed within selected sections. Selecting different sections applies your quick search pattern to the packages in that section. Clicking on the Editors section with an inkscape search pattern would give no results, since Inkscape is not an editor package.

Figure 4-19: Synaptic Package Manager: Sections

Status entries further refine installed software as manual or as upgradeable (see Figure 4-20 ). Local software consists of packages you download and install manually.

With the Origin options, Ubuntu-compliant repositories may further refine access according to multiverse, universe, and restricted software. A main section selects Ubuntu-supported software.

Figure 4-20: Synaptic Package Manager: Status

To perform more detailed searches, you can use the Search tool. Click the Search button on the toolbar to open a Search dialog with a text box where you can enter search terms. A pop-up menu lets you specify what features of a package to search, such as the "Description and Name" feature. You can search other package features like the Name, the maintainer name (Maintainer), the package version (Version), packages it may depend on (Dependencies), or associated packages (Provided Packages). A list of searches will be displayed in Search Results. You can move back and forth between search results by clicking on the search entries in this listing.


To find out information about a package, select the package and click the Properties button. This opens a window with Common, Dependencies, Installed Files, Versions, and Description tabs. The Common tab provides section, versions, and maintainer information. The Installed Files tab shows you exactly what files are installed, which is useful for finding the exact location, and names for configuration files, as well as commands. The Description tab displays detailed information about the software. The Dependencies tab shows all dependent software packages needed by this software, usually libraries.

Installing packages

Before installing software, you should press the Reload button to load the most recent package lists from the active repositories.

To install a package, right-click on its name to display a pop-up menu and select the Mark for installation entry. Should any dependent packages exist, a dialog opens listing those packages. Click the Mark button in the dialog to mark those packages for installation. The package entry’s check box will then be marked in the Synaptic Package Manager window.

Once you have selected the packages you want to install, click the Apply button on the toolbar to begin the installation process. A Summary dialog opens showing all the packages to be installed. You have the option to download the package files. The number of packages to be installed is listed, along with the size of the download and the amount of disk space used. Click the Apply button on the Summary dialog to download and install the packages. A download window will then appear showing the progress of your package installations. You can choose to show the progress of individual packages, which opens a terminal window listing each package as it is downloaded and installed.

Once downloaded, the dialog name changes to Installing Software. You can choose to have the dialog close automatically when finished. Sometimes installation requires user input to configure the software. You will be prompted to enter the information if necessary.

When you right-click a package name, you also see options for Mark Suggested for Installation, or Mark Recommended for Installation. These will mark applications that can enhance your selected software, though they are not essential. If there are no suggested or recommended packages for that application, then these entries will be grayed out.

Certain software, like desktops or office suites that require a significant number of packages, can be selected all at once using metapackages. A metapackage has configuration files that select, download, and configure the range of packages needed for such complex software. For example, the kubuntu-desktop meta package will install the entire Kubuntu desktop (Sections | Meta Packages).

Removing packages

To remove a package, first locate it. Then right-click it and select the "Mark package for removal" entry. This will leave configuration files untouched. Alternatively, you can mark a package for complete removal, which will also remove any configuration files, "Mark for Complete Removal." Dependent packages will not be removed.

Once you have marked packages for removal, click the Apply button. A summary dialog displays the packages that will be removed. Click Apply to remove them.

The Synaptic Package Manager may not remove dependent packages, especially shared libraries that might be used by other applications. This means that your system could have installed packages that are never being used. Their continued presence will not harm anything.

Note: You can further refine your search for packages on the Synaptic Package Manager by creating search filters. Select the Settings | Filters menu entry to open the Filters window. To create a new filter, click the New button located just below the filter listing.

Updating Ubuntu with Software Updater

New updates are continually being prepared for particular software packages as well as system components. These are posted as updates you can download from software repositories and install on your system. These include new versions of applications, servers, and even the kernel. Such updates may range from single software packages to whole components. Updating your Ubuntu system is a very simple procedure, using Software Updater, a graphical update interface for APT.

The Software Updater item appears on the Launcher when updates are available. You can invoke the update from its quicklist, as shown here:

When invoked from the quicklist, the Software Updater icon shows a progress bar. When finished, a dialog indicating the update completion or the need for a restart is shown.

You can also start the Software Updater manually from the Applications lens System filter, or by clicking on the Software Updater Launcher icon, which appears when updates are avialable. When manually invoked, the Software Updater displays a simple dialog displays the amount to be downloaded with "Remind Me Later" and "Install Now" buttons (see Figure 4-21 ). A manual update gives you more control over the update, letting you choose packages to install.

Figure 4-21: Software Updater with selected packages

To see actual packages to be updated, click the "Details of updates" arrow. Packages are organized into application categories such as Ubuntu base for the Linux OS packages, Firefox for Firefox updates, and LibreOffice for office updates. You can expand these to individual packages. The check boxes for each entry lets you de-select any particular packages you do not want to update (see Figure 4-6 ). Packages are organized according to importance, beginning with Important security updates and followed by Recommended updates. You should always install the security updates. All the APT-compatible repositories that are configured on your system will be checked for updates.

Figure 4-22: Details of updates

To see a detailed description of a particular update, select the update and then click the "Technical description" arrow (see Figure 4-23 ). Two tabs are displayed: Changes and Description. The Changes tab lists detailed update information, and Description provides information about the software.

Click the Install Now button to start updating. The packages will be downloaded from their appropriate repository. Once downloaded, the packages are updated.

Figure 4-23: Details of updates, Technical description

When downloading and installing, a dialog appears showing the download and install progress (see Figure 4-24 ). You can choose to show progress for individual files. A window will open up that lists each file and its progress. Once downloaded, the updates are installed. Click the Details arrow to see install messages for particular software packages. The Software Updater Launcher item will also show a progress bar for the install process and the number of updates, as shown in Figure 4-24 ).

Figure 4-24: Download updates

When the update completes, Software updater will display a message saying that your system is up-to-date. If a critical package was installed such as a new kernel, you will be prompted to restart your system. The power icon will turn red as a warning, and the Session menu will have the added entry "Restart required."

Installing Software from the Applications Dash

You can install software packages directly from the Applications lens on the dash. This is perhaps the easiest and simplest way to install software, if you already know the name of the software you want. Open the dash and click the Applications lens, and then perform a search for the application you want. Use the "Filter results" buttons to search within a particular category, such as Office or Internet. Results are listed under the "More suggestions" heading (see Figure 4-25 ). A label indicates whether it is free or not.

Figure 4-25: Searching for software on the Dash, Applications lens

Click on the application icon to open the information for it on the dash. An image of the application window is shown, along with a description and version number (see Figure 4-26 ). There is a button for the development Web site. Software available on from the Ubuntu repositories will have a "Free Download" button. Click the button to start the download and installation. You are prompted first for your administrative password. As the download and install proceeds, an icon for the application appears on the launcher with a progress bar (see Figure 4-26 ). Passing the mouse over the icon displays an Installing status message.

Figure 4-26: Application to install from the dash

Ubuntu Software Center for separate DEB packages

You can also use the Ubuntu Software Center to perform an installation of a single DEB software package. Usually these packages are downloaded directly from a Web site and have few or no dependent packages. When you use your browser to download a particular package, you will be prompted to open it with Ubuntu Software Center. The Ubuntu Software Center opens to an install page for that software package, displaying information about the package and checking to see if it is compatible with your system. Click the Install button to download and install the package. It is advisable to use the Ubuntu Software Center to install a manually downloaded package.

You could also first download the package, and then later select it from your file manager window (usually the Downloads folder). Double clicking should open the package with the Ubuntu Software Center. You can also right-click and choose to open it with the Ubuntu Software Center.

Software Package Types

Ubuntu uses Debian-compliant software packages (DEB), whose filenames have a .deb extension. Other packages, such as those in the form of source code that you need to compile, may be distributed as compressed archives. These commonly have the extension .tar.gz, .tgz, or.tar.bz2. Packages with the .rpm extension are Red Hat Package software packages used on Red Hat, Fedora, SuSE and other Linux distributions that use RPM packages. They are not compatible directly with Ubuntu. You can use the alien command to convert most RPM packages to DEB packages that you can then install on Ubuntu. Table 4-2 lists several common file extensions that you will find for the great variety of Linux software packages available. You can download any Ubuntu-compliant deb package, as well as the original source code package, as single files, directly from

Managing non-repository packages with dpkg

You can use dpkg to install a software package you have downloaded directly as a simple package file. In this case, you are not installing from a repository. Instead, you have manually downloaded the package file from a Web or FTP site to a folder on your system. Such a situation would be rare, reserved for software not available on the Ubuntu repository or any APT enabled repository. Keep in mind that most software is already on your Ubuntu or an APT enabled repositories. Check there first for the software package before performing a direct download, and install with dpkg. The dpkg configuration files are located in the /etc/dpkg directory. Configuration is held in the dpkg.cfg file. See the dpkg man page for a detailed listing of options.

One situation for which you would use dpkg, is for packages you have built yourself, like packages you created when converting a package in another format to a Debian package (DEB). This is the case when converting a RPM package (Red Hat Package Manager) to a Debian package format.

For dpkg, you use the -i option to install a package and -r to remove it.

sudo dpkg -i package.deb

The major failing for dpkg is that it provides no dependency support. It will inform you of needed dependencies, but you will have to install them separately. dpkg installs only the specified package. It is ideal for packages that have no dependencies.

You use the -I option to obtain package information directly from the DEB package file.

sudo dpkg -I package.deb

To remove a package you use the -r option with the package software name. You do not need version or extension information like .386 or .deb. With dpkg, when removing a package with dependencies, you first have to remove all its dependencies manually. You will not be able to uninstall the package until you do this. Software configuration files are not removed.

sudo dpkg -r packagename


Package type


A Debian/Ubuntu Linux package


A gzip-compressed file (use gunzip to decompress)


A bzip2-compressed file (use bunzip2 to decompress; also use the j option with tar, as in xvjf)


A tar archive file (use tar with xvf to extract)


A gzip-compressed tar archive file (use gunzip to decompress and tar to extract; use the z option with tar, as in xvzf, to both decompress and extract in one step)


A bzip2-compressed tar archive file (extract with tar -xvzj)


A tar archive file compressed with the compress command


A file compressed with the compress command (use the decompress command to decompress)


A self-extracting software file


A software package created with the Red Hat Software Package Manager, used on Fedora, Red Hat, Centos, and SuSE distributions

Table 4-4: Linux Software Package File Extensions

If you install a package that requires dependencies, and then fail to install these dependencies, your install database will be marked as having broken packages. In this case, APT will not allow new packages to be installed until the broken packages are fixed. You can enter the apt-getcommand with the -f and install options to fix all broken packages at once.

sudo apt-get -f install

Installing Software from Compressed Archives: .tar.gz

Linux software applications in the form of source code are available at different sites on the Internet. You can download any of this software and install it on your system. Recent releases are often available in the form of compressed archive files. Applications will always be downloadable as compressed archives if they don’t have a DEB (Ubuntu) version.

Decompressing and Extracting Software

Before you unpack the archive, move it to the directory where you want it. When source code files are unpacked, they generate their own subdirectories from which you can compile and install the software. Once the package is installed, you can delete this directory, keeping the original source code package file (.tar.gz). For example, the file antigrav_0.0.3.orig.tar unpacks to a subdirectory called antigrav_0.0.3.orig. In certain cases, the software package that contains precompiled binaries is designed to unpack directly into the system subdirectory where it will be used.

Though you can decompress and extract software in separate operations, you will find that the more common approach is to perform both actions with a single command. The tar utility provides decompression options you can use to have tar first decompress a file for you, invoking the specified decompression utility. The z option automatically invokes gunzip to unpack a .gz file, and the j option unpacks a .bz2 file. Use the Z option for .Z files. For example, to combine the decompressing and unpacking operation for a tar.gz file into one tar command, insert a z option to the option list, xzvf. The next example shows how you can combine decompression and extraction in one step:

tar xvzf antigrav_0.0.3.orig.tar.gz

For a .bz2-compressed archive, you use the j option instead of the z option.

tar xvjf antigrav_0.0.3.orig.tar.bz2

Files ending with .bin are self-extracting archives. Run the bin file as if it were a command. You may have to use chmod to make it executable. Then enter the file as a command on a command line, with ./ attached to the beginning of the file name.

sudo chmod 755 package

The extraction process creates a subdirectory consisting of the name and release of the software. In the preceding example, the extraction created a subdirectory called antigrav_0.0.3.orig. You can change to this subdirectory and examine its files, such as the README and INSTALLfiles.

cd antigrav_0.0.3.orig

Installation of your software may differ for each package. Instructions are usually provided along with an installation program. Be sure to consult the README and INSTALL files, if included.

Compiling Software

Some software may be in the form of source code that you need to compile before you can install it. This is particularly true of programs designed for cross-platform implementations. Programs designed to run on various Linux and UNIX systems may be distributed as source code that is downloaded and compiled in those different systems. Compiling such software has been greatly simplified in recent years by the use of configuration scripts that automatically detect a given system’s hardware and software configuration and then allow you to compile the program accordingly. For example, the name of the C compiler on a system could be gcc or cc. Configuration scripts detect which is present and select it for use in the program compilation.

Note: Some software will run using scripting languages like Python, instead of programming language code like C++. These may require only a setup operation (a setup command), not compiling. Once installed, they will run directly using the scripting language interpreter, like Python.

A configure script works by generating a customized Makefile, designed for that particular system. A Makefile contains detailed commands to compile a program, including any preprocessing, links to required libraries, and the compilation of program components in their proper order. Many Makefiles for complex applications may have to access several software subdirectories, each with separate components to compile. The use of configure and Makefile scripts vastly automates the compile process, reducing the procedure to a few simple steps.

First, change to the directory where the software’s source code has been extracted, as shown in this example:

# cd /usr/local/src/antigrav_0.0.3.orig

Before you compile software, read the README or INSTALL files included with it. These give you detailed instructions on how to compile and install this particular program.

Most software can be compiled and installed in three simple steps. Their first step is the ./configure command, which generates your customized Makefile. The second step is the make command, which uses a Makefile in your working directory (in this case, the Makefile you just generated with the ./configure command) to compile your software. The final step also uses the make command, but this time with the install option. The Makefile generated by the ./configure command also may contain instructions for installing the software on your system. Using the install option runs just those installation commands. To perform the installation, you have to be logged in as the root user, giving you the ability to add software files to system directories as needed. If the software uses configuration scripts, compiling and installing usually involves only the following three simple commands:

make install

In the preceding example, the./configure command performs configuration detection. The make command performs the actual compiling, using a Makefile script generated by the ./configure operation. The makeinstall command installs the program on your system, placing the executable program in a directory, such as /usr/local/bin, and any configuration files in /etc. Any shared libraries it created may go into /usr/local/lib.

Once you have compiled and installed your application, and you have checked that it is working properly, you can remove the source code directory that was created when you extracted the software. You can keep the archive file (tar) in case you need to extract the software again. Use rmwith the -rf options so that all subdirectories will be deleted and you do not have to confirm each deletion.

Tip: Be sure to remember to place the period and slash before the configure command. The ./ references a command in the current working directory, rather than another Linux command with the same name.

Certain software may have specific options set up for the ./configure operation. To find out what these are, you use the ./configure command with the --help option:

./configure --help

A useful common option is the -prefix option, which lets you specify the install directory:

./configure -prefix=/usr/bin

Note: If you are compiling an X, GNOME, or KDE-based program, be sure their development libraries have been installed.

Checking Software Package Digital Signatures

One very effective use for digital signatures is to verify that a software package has not been tampered with. A software package could be intercepted in transmission and some of its system-level files changed or substituted. Software packages from your distribution, as well as those by reputable GNU and Linux projects, are digitally signed. The signature provides modification digest information with which to check the integrity of the package. The digital signature may be included with the package file or posted as a separate file. To import a key that APT can use to check a software package, you use the apt-key command. APT will automatically check for digital signatures. To check the digital signature of a software package file that is not part of the APT repository system, you use the gpg command with the --verify option. These would include packages like those made available as compressed archives, .tar.gz, whereas APT can check all DEB packages itself.

Importing Software Public keys with apt-key

First, however, you will need to make sure that you have the signer’s public key. The digital signature was encrypted with the software distributor’s private key; that distributor is the signer. Once you have that signer’s public key, you can check any data you receive from them. In the case of third party software repositories, you have to install their public key. Once the key is installed, you do not have to install it again.

Ubuntu includes and installs its public keys with its distribution. For any packages on the Ubuntu repositories, the needed public keys are already installed and checked by APT automatically. With other sites, you may need to download the public key from their site and install it. You may also have to add repository support to access their Ubuntu compatible software. Once downloaded, you can then use the apt-key command to install the public key for use by APT in software verification. Ubuntu uses the apt-key command to maintain public keys for software packages. Use the apt-key command with the add option to add the key. To actually access the software repository you would have to also install its APT configuration file in the /etc/apt/sources.list.d directory.

Checking Software Compressed Archives

Many software packages in the form of compressed archives, .tar.gz or tar.bz2, will provide signatures in separate files that end with the .sig extension. To check these, you use the gpg command with the --verify option. For example, the most recent Sendmail package is distributed in the form of a compressed archive, .tar.gz. Its digital signature is provided in a separate .sig file. First, you download and install the public key for Sendmail software obtained from the Sendmail website (the key may have the year as part of its name). Sendmail has combined all its keys into one armored text file, PGPKEYS.

gpg --import PGPKEYS

You can also use the gpg command with the --search-key and --keyserver options to import the key. Keys matching the search term will be displayed in a numbered list. You will be prompted to enter the number of the key you want. The 2007 Sendmail key from the results from the following example would be 7. This is the key used for 2007 released software.

gpg --keyserver --search-keys Sendmail

Instead of using gpg, you could use Encryptions and Password Keys application to find and import the key (Accessories | Encryption and Password Keys).

To check a software archive, a tar.gz, file, you need to also download its digital signature files. For the compressed archive (.tar.gz) you can use the .sig file ending in .gz.sig, and for the uncompressed archive use .tar.sig. Then, with the gpg command and the --verify option, use the digital signature in the .sig file to check the authenticity and integrity of the software compressed archive.

$ gpg --verify sendmail.8.14.2.tar.gz.sig sendmail.8.14.2.tar.gz
gpg: Signature made Wed 31 Oct 2007 08:23:07 PM PDT using RSA key ID 7093B841
gpg: Good signature from "Sendmail Signing Key/2007 <sendmail@Sendmail.ORG>"$

You can also specify just the signature file, and gpg will automatically search for and select a file of the same name, but without the .sig or .asc extension.

gpg --verify sendmail.8.14.2.tar.gz.sig

In the future, when you download any software from the Sendmail site that uses this key, you just have to perform the --verify operation. Bear in mind, though, that different software packages from the same site may use different keys. You will have to make sure that you have imported and signed the appropriate key for the software you are checking.

Tip: You can use the --fingerprint option to check a key’s validity if you wish. If you are confident that the key is valid, you can then sign it with the --sign-key command.