this post was submitted on 03 Dec 2024
18 points (95.0% liked)

Linux

48721 readers
1041 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS
 

Hi,

I have an air gaped[^1] device. ( Devuan )

How do you manage to install packages/software on off-line[^1] device ?

I've heard of apt-offline but it seem to bug and I don't know if it's still maintained (last release two years ago)

of course I've tried manually but the dependencies relations are too crazy to do that fully manually

Dependence tree (not complete even) to install for example apt-offline

├── Depends
│   ├── Depends
│   │   ├── Depends
│   │   │   ├── Depends
│   │   │   │   └── python3-dbg_3.9.2-3_amd64.deb
│   │   │   ├── libcurl4-gnutls-dev_7.74.0-1.3+deb11u14_amd64.deb
│   │   │   ├── python3-pycurl-dbg_7.43.0.6-5_amd64.deb
│   │   │   └── python-pycurl-doc_7.43.0.6-5_all.deb
│   │   ├── python3-httplib2_0.18.1-3_all.deb
│   │   └── python3-pycurl_7.43.0.6-5_amd64.deb
│   ├── iso-codes_4.6.0-1_all.deb
│   ├── python3-pysimplesoap_1.16.2-3_all.deb
│   └── python-apt-common_2.2.1_all.deb
├── python3-apt_2.2.1_amd64.deb
└── python3-debianbts_3.1.0_all.deb

Any ideas ?

Thanks.

[^1]: air gaped, off-line
https://en.wikipedia.org/wiki/Air_gap_(networking)

top 17 comments
sorted by: hot top controversial new old
[–] [email protected] 9 points 3 weeks ago (2 children)

I'd just mirror the whole repo. All of Debian main for a single architecture is less than a terabyte. I imagine yours is similar.

[–] [email protected] 1 points 3 weeks ago

Yes, that's what I use to using apt-mirror. It also works great for any other apt repo.

[–] [email protected] 1 points 3 weeks ago

and then I guess it can even be trimmed somewhat. delete the development packages, look through and filter the unneeded larger ones, ...

[–] [email protected] 5 points 3 weeks ago (1 children)

If an appimage is available you could probably just move it across on a USB drive.

[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago)

indeed .appimage are an amazing thing as they do not require any special runtime or installation process !
I guess I will have to do my own .appimage of software that do not provide them

[–] [email protected] 4 points 3 weeks ago

You might want to consider using Docker. You can build an image on your normal machine, export it as a file onto a USB stick, and then transfer it to your air-gapped machine, import it there. Then running it is just docker run --rm my_image

You can do this for a whole bunch of programs in one image, or a separate image for each one.

[–] [email protected] 3 points 3 weeks ago (1 children)

If this is for a user programs rather than system components that must be managed by apt, you could use Nix.

By its nature, it keeps track of all dependencies in a queryable format and Nix stores are actually quite portable; you can just

nix copy /nix/store/6gd9yardd6qk9dkgdbmh1vnac0vmkh7d-ripgrep-14.1.1/ --to /mnt/USB-drive/

and that will copy that store path aswell as any dependency (including transitive deps) to e.g. a USB drive.

You'd then do the inverse in the target environment to do the opposite:

nix copy /nix/store/6gd9yardd6qk9dkgdbmh1vnac0vmkh7d-ripgrep-14.1.1/ --from /mnt/USB-drive/

And then /nix/store/6gd9yardd6qk9dkgdbmh1vnac0vmkh7d-ripgrep-14.1.1/ aswell as its entire runtime dependency tree would exist in the air-gapped system.

Because Nix store paths are hermetic, that's all you need to execute e.g. /nix/store/6gd9yardd6qk9dkgdbmh1vnac0vmkh7d-ripgrep-14.1.1/bin/rg.

You'd obviously just adjust your $PATH accordingly rather than typing all of that out and typically would install this into what Nix refers to as a profile so that you have one path to add to your $PATH rather than one for each package.

I used a single package here but you could build an entire environment of many packages to your liking and it'd be the exact same as far as Nix is concerned; it's all store paths.

You do need /nix/ to exist and be writeable in the target environment for this to work though.

[–] [email protected] 2 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

🤩 Woo I didn't know nix. It seem a better way to handle package !!! but so if I have already apt that handle my packages, is it compatible to use both on the same system !?

Nix stores all packages in isolation from each other; as a result there are no /bin, /sbin, /lib or /usr directories and all packages are kept in /nix/store instead.

[–] [email protected] 2 points 3 weeks ago (1 children)

Yes, nix complements your system's package manager, but doesn't replace it

[–] [email protected] 1 points 2 weeks ago (1 children)

ohh ! great ! I'll see if I manage to install it on Devuan Thanks.

[–] [email protected] 1 points 2 weeks ago

Installing it offline could prove to be quite a challenge. If you don't actually need Nix (the package manager) to work on your target system though, you could just not install Nix and use i.e. a static Nix binary to do the store path copying.

[–] [email protected] 2 points 3 weeks ago

I do it manually, but I don't have a lot of dependencies. Download the main package, install it, check the error message for the package it needs, download the new package, install the main package again... For python stuff pip download will also get the dependencies. Maybe you can use the Debian website since it lists the package dependencies and allows you to download from the website the deb files. You can probably automate with a bash script some stuff.

[–] [email protected] 2 points 3 weeks ago (1 children)
[–] [email protected] 1 points 3 weeks ago* (last edited 3 weeks ago) (1 children)

Thank you very much @[email protected]

I have tried

apt-get -o Dir::Cache::archives="/to/path" install --download-only apt-offline

But it downloaded only the .deb of apt-offline and not all the dependence tree. Most probably because this machine have them already.

now, remain to force to download also all the dependency tree even if already installed...

[–] [email protected] 1 points 3 weeks ago (1 children)

You could setup a new, empty VM and use it as a download only machine for packages, although it makes the process a bit more complicated.

[–] [email protected] 1 points 3 weeks ago

Yes, but it's not reliable. because even if you use a bare linux vm to download the packages and dependency, you never know if the online will have already a dependence that the offline system do not have.

no, the only way is to force the dw of the already downloaded package.

[–] [email protected] 1 points 3 weeks ago* (last edited 3 weeks ago)

Switch to a distro lineage whose package manager builds in the necessary facilities? Someone's already mentioned Nix, and Gentoo has the --fetchonly switch for Portage which will download (but not install) everything required for a specified package including dependencies, so you can copy all of the files to an external drive at once.