Software management: Difference between revisions
Prabuanand (talk | contribs) m (fixed typo) |
Prabuanand (talk | contribs) (moved heading with explanation on why Chroot + Bubblewrap is a container) |
||
| Line 1: | Line 1: | ||
This page documents various ways to manage software in Alpine Linux. The official package manager i.e [[Alpine Package Keeper|Alpine Package Keeper(apk)]], a CLI tool can be supplemented by graphical tools like [[#Gnome software|Gnome software]], [[#KDE Discover|KDE Discover]] to manage official software packages and [[#Flatpak|Flatpaks]]. This page also documents ways to [[#Running glibc programs|run software compiled with glibc]]. | This page documents various ways to manage software in Alpine Linux. The official package manager i.e [[Alpine Package Keeper|Alpine Package Keeper(apk)]], a CLI tool can be supplemented by graphical tools like [[#Gnome software|Gnome software]], [[#KDE Discover|KDE Discover]] to manage official software packages and [[#Flatpak|Flatpaks]]. | ||
This page also documents ways to [[#Running glibc programs|run software compiled with glibc]] including graphical programs like {{ic|google-chrome}}, {{ic|Visual Studio Code}}, {{ic|obsidian}} etc... | |||
== Alpine package keeper == | == Alpine package keeper == | ||
| Line 22: | Line 24: | ||
== Running glibc programs == | == Running glibc programs == | ||
If you want to run [https://www.gnu.org/software/libc/ glibc] programs in Alpine Linux, there are a few ways of doing so. | If you want to run [https://www.gnu.org/software/libc/ glibc] programs in Alpine Linux, there are a few ways of doing so. | ||
For simpler binaries, you can install [[#gcompat|gcompat]] a compatibility layer or you could do it the easy way and use [[#Flatpak|Flatpaks]]. See [[#Containers|containers]] or [[#Chroot|chroot]] section for ways to run glibc programs including graphical ones. | |||
=== gcompat === | === gcompat === | ||
| Line 29: | Line 33: | ||
After that you run your binaries as normal. | After that you run your binaries as normal. | ||
For an usage example, refer [[Firefox#DRM_content_using_Widevine_workaround|Firefox]] page, where gcompat is used to run glibc compiled Widevine binary. | |||
== Containers == | |||
=== Distrobox + Podman === | |||
[[Podman]] containers are used with a helper like [https://distrobox.it/ Distrobox]. This allows using graphical programs easy and doesn't require root privileges once set up. | |||
Installing {{pkg|distrobox}} package automatically installs {{pkg|podman}} package as a dependency, on issuing the command:{{cmd|# apk add {{pkg|distrobox}}}} | |||
Configure Podman to run in [[Podman#Running in rootless mode|rootless mode]]. | |||
Create a container using an image of your choice. Here Debian is installed using the command:{{cmd|$ distrobox create --name my-debian --image debian | |||
$ distrobox enter my-debian}} | |||
When [[Wayland]] desktop like [[Sway]] runs without {{pkg|xwayland}} on the Alpine Linux host, electron apps like {{ic|vscode}}, {{ic|google-chrome}} etc needs to be started as follows:{{ic|<nowiki>$ distrobox enter my-debian -- code --ozone-platform=wayland</nowiki>}}. | |||
If you are running X11 desktop, it may also be necessary to allow X authorization for GUI programs to work: {{ic|$ xhost +si:localuser:$USER}} | |||
=== Chroot + Bubblewrap === | |||
It's also possible to use a Debian system [[Chroot|chroot]] with [[Bubblewrap]]. Here the alias {{ic|glibc}} creates a container using bubblewrap, where the Debian chroot is the content of that container. It's not just a chroot anymore; it's a bwrap-powered isolated environment. This allows running graphical programs easy and doesn't require root privileges once installed. | |||
{{cmd|<nowiki># apk add bubblewrap debootstrap | |||
# mkdir -p /var/chroots/debian | |||
# debootstrap --arch amd64 stable /var/chroots/debian/ https://deb.debian.org/debian </nowiki>}} | |||
Finally we can make an alias for bwrap. | |||
{{cmd|$ alias glibc{{=}}"LANG{{=}}en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group"}} | |||
To run programs that use X11/Xorg you can use: | |||
{{cmd|$ alias glibcX11{{=}}"LANG{{=}}en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group --bind /tmp/.X11-unix/X0 /tmp/.X11-unix/X0 --setenv DISPLAY :0"}} | |||
In this case you might need to use xhost to allow local connections, e.g.: | |||
{{cmd|# xhost + local:}} | |||
Now we can invoke glibc-built binaries like so: | |||
{{cmd|$ glibc ./binary}} or {{cmd|$ glibcX11 ./binary}} | |||
When [[Wayland]] desktop like [[Sway]] runs without {{pkg|xwayland}} on the Alpine Linux host, electron apps like {{ic|vscode}}, {{ic|google-chrome}} etc needs to be started as follows:{{ic|<nowiki>$ glibc code --ozone-platform=wayland</nowiki>}}. | |||
For updating the Chroot or installing applications and their dependencies, we can mount it and then login as root: | |||
{{cmd|<nowiki># mount --bind /dev /var/chroots/debian/dev | |||
# mount --bind /proc /var/chroots/debian/proc | |||
# mount --bind /dev/pts /var/chroots/debian/dev/pts | |||
# chroot /var/chroots/debian /bin/bash | |||
# apt update && apt upgrade</nowiki>}} | |||
After installing what you might want to umount the binds for dev, proc and pts to avoid issues. | |||
{{cmd|<nowiki># umount /var/chroots/debian/dev/pts | |||
# umount /var/chroots/debian/dev | |||
# umount /var/chroots/debian/proc</nowiki>}} | |||
== Chroot == | == Chroot == | ||
| Line 114: | Line 170: | ||
You can now use <code>apt-get</code> to install needed packages. | You can now use <code>apt-get</code> to install needed packages. | ||
== See also == | == See also == | ||
Revision as of 06:20, 3 June 2025
This page documents various ways to manage software in Alpine Linux. The official package manager i.e Alpine Package Keeper(apk), a CLI tool can be supplemented by graphical tools like Gnome software, KDE Discover to manage official software packages and Flatpaks.
This page also documents ways to run software compiled with glibc including graphical programs like google-chrome, Visual Studio Code, obsidian etc...
Alpine package keeper
The official package manager in Alpine Linux Alpine Package Keeper(apk) is a cli tool. Rosetta stone shows how standard package management tasks are done in Alpine Linux compared to other popular distributions.
Graphical software manager
Gnome software
Gnome Software can be used as a GUI front end for Alpine Package Keeper and flatpaks.
KDE Discover
KDE Discover can be used as a GUI front end for Alpine Package Keeper and flatpaks.
Flatpak
Flatpak is by far the easiest method for running programs not available in the official Alpine Linux repositories. To use flatpaks, ensure that Flathub repository is enabled.
Running glibc programs
If you want to run glibc programs in Alpine Linux, there are a few ways of doing so.
For simpler binaries, you can install gcompat a compatibility layer or you could do it the easy way and use Flatpaks. See containers or chroot section for ways to run glibc programs including graphical ones.
gcompat
gcompat is a library which provides glibc-compatible APIs for use on musl libc systems like Alpine Linux. To install issue the command:
apk add gcompat
After that you run your binaries as normal.
For an usage example, refer Firefox page, where gcompat is used to run glibc compiled Widevine binary.
Containers
Distrobox + Podman
Podman containers are used with a helper like Distrobox. This allows using graphical programs easy and doesn't require root privileges once set up.
Installing distrobox package automatically installs podman package as a dependency, on issuing the command:
# apk add distrobox
Configure Podman to run in rootless mode.
Create a container using an image of your choice. Here Debian is installed using the command:
$ distrobox create --name my-debian --image debian $ distrobox enter my-debian
When Wayland desktop like Sway runs without xwayland on the Alpine Linux host, electron apps like vscode, google-chrome etc needs to be started as follows:$ distrobox enter my-debian -- code --ozone-platform=wayland.
If you are running X11 desktop, it may also be necessary to allow X authorization for GUI programs to work: $ xhost +si:localuser:$USER
Chroot + Bubblewrap
It's also possible to use a Debian system chroot with Bubblewrap. Here the alias glibc creates a container using bubblewrap, where the Debian chroot is the content of that container. It's not just a chroot anymore; it's a bwrap-powered isolated environment. This allows running graphical programs easy and doesn't require root privileges once installed.
# apk add bubblewrap debootstrap # mkdir -p /var/chroots/debian # debootstrap --arch amd64 stable /var/chroots/debian/ https://deb.debian.org/debian
Finally we can make an alias for bwrap.
$ alias glibc="LANG=en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group"
To run programs that use X11/Xorg you can use:
$ alias glibcX11="LANG=en_US.UTF-8 bwrap --bind /var/chroots/debian / --dev-bind /dev /dev --proc /proc --bind /sys /sys --bind /run /run --bind /home /home --ro-bind /etc/resolv.conf /etc/resolv.conf --ro-bind /etc/passwd /etc/passwd --ro-bind /etc/group /etc/group --bind /tmp/.X11-unix/X0 /tmp/.X11-unix/X0 --setenv DISPLAY :0"
In this case you might need to use xhost to allow local connections, e.g.:
# xhost + local:
Now we can invoke glibc-built binaries like so:
$ glibc ./binary
or
$ glibcX11 ./binary
When Wayland desktop like Sway runs without xwayland on the Alpine Linux host, electron apps like vscode, google-chrome etc needs to be started as follows:$ glibc code --ozone-platform=wayland.
For updating the Chroot or installing applications and their dependencies, we can mount it and then login as root:
# mount --bind /dev /var/chroots/debian/dev # mount --bind /proc /var/chroots/debian/proc # mount --bind /dev/pts /var/chroots/debian/dev/pts # chroot /var/chroots/debian /bin/bash # apt update && apt upgrade
After installing what you might want to umount the binds for dev, proc and pts to avoid issues.
# umount /var/chroots/debian/dev/pts # umount /var/chroots/debian/dev # umount /var/chroots/debian/proc
Chroot
An option that's easier to generalize to other glibc applications is installing a glibc-based distribution into a chroot. You can then either chroot into it, or use a symlink and some configuration to make its glibc (and associated libraries) usable from Alpine.
After setting up a chroot using any of the methods described below, the loader can be set up in Alpine like so (these instructions are for a Debian chroot in /var/chroots/debian, on x86_64, but can be adapted to other systems by using the appropriate paths):
mkdir -p /lib64 ln -s /var/chroots/debian/lib/x86_64-linux-gnu/ld-2.33.so /lib64 printf '/var/chroots/debian/lib/x86_64-linux-gnu\n/var/chroots/debian/usr/lib/x86_64-linux-gnu\n' > /etc/ld.so.conf /var/chroots/debian/sbin/ldconfig
Gentoo Linux
Select a stage3 from here and portage latest from here at gentoo/snapshots/portage-latest.tar.xz.
First,
doas apk add xz
Enter the chroot:
mkdir ~/chroot cd ~/chroot tar -xvf stage3-*.tar.xz tar -xvf portage-latest.tar.xz mv portage usr doas mount --bind /dev dev doas mount --bind /sys sys doas mount -t proc proc proc cp /etc/resolv.conf etc doas chroot . /bin/bash
And voilà, you have your working Gentoo chroot!
You can now take a look at Gentoo's Handbook to find out how you can configure and install your system, or simply extract/copy the program you need to run in your chroot enviroment and execute it.
Here is a wrapper script that is similar to arch-chroot when you frequently reuse this chroot:
Also, create an account with the same user name as host current user to the chroot or make changes to the userspec option to chroot line.
Contents of gentoo-chroot.sh
Do at chmod +x gentoo-chroot.sh to get it to work.
Arch Linux
Either use pacstrap (included with the arch-install-scripts package) or an Arch bootstrap image:
doas apk add arch-install-scripts mkdir ~/chroot && cd ~/chroot curl -O https://mirrors.edge.kernel.org/archlinux/iso/latest/archlinux-bootstrap-x86_64.tar.gz doas tar xzf archlinux-bootstrap-x86_64.tar.gz && rm archlinux-bootstrap-x86_64.tar.gz doas sed -i '/evowise/s/^#//' root.x86_64/etc/pacman.d/mirrorlist doas sed -i '/CheckSpace/s/^/#/' root.x86_64/etc/pacman.conf doas arch-chroot root.x86_64 [chroot]# pacman-key --init [chroot]# pacman-key --populate archlinux
Once that is done, update the system and install the desired package(s) (denoted by "foo" in this example):
[chroot]# pacman -Syu foo
Debian
Use the provided debootstrap package to create the Debian chroot. --arch is optional, depending of your needs.
On the linux-grsec kernel, you will need to relax chroot limitations:
sudo apk add debootstrap for i in /proc/sys/kernel/grsecurity/chroot_*; do echo 0 | sudo tee $i; done mkdir ~/chroot sudo debootstrap --arch=i386 wheezy ~/chroot https://deb.debian.org/debian/ for i in /proc/sys/kernel/grsecurity/chroot_*; do echo 1 | sudo tee $i; done sudo chroot ~/chroot /bin/bash
You can now use apt-get to install needed packages.