OpenWrt's opkg detailed explanation
foreword
opkg is the management system of the OpenWrt software package, which manages the entire OpenWrt software package and the driver kernel module. Let’s take a look at the magical operations of opkg on the router today.
opkg Git Source
https://git.openwrt.org/project/opkg-lede.git
opkg download
The way to download opkg is wget, refer to the source codelibopkg/opkg_download.c
{
int res;
const char *argv[11];
int i = 0;
argv[i++] = "wget";
argv[i++] = "-q";
if (conf->no_check_certificate) {
argv[i++] = "--no-check-certificate";
}
if (conf->http_timeout) {
argv[i++] = "--timeout";
argv[i++] = conf->http_timeout;
}
if (conf->http_proxy || conf->https_proxy || conf->ftp_proxy) {
argv[i++] = "-Y";
argv[i++] = "on";
}
argv[i++] = "-O";
argv[i++] = tmp_file_location;
argv[i++] = src;
argv[i++] = NULL;
res = xsystem(argv);
if (res) {
opkg_msg(ERROR,
"Failed to download %s, wget returned %d.\n",
src, res);
if (res == 4)
opkg_msg(ERROR,
"Check your network settings and connectivity.\n\n");
free(tmp_file_location);
return -1;
}
}
opkg options
- opkg configuration file
/etc/opkg.conf
dest root /
dest ram /tmp
lists_dir ext /var/opkg-lists
option overlay_root /overlay
option check_signature
Configuration item format:<option> <type> <conf>
-
dest root /
This is the root directory location , the default/ -
dest ram /tmp
This is the temporary storage location of the memory , the default is/tmp -
lists_dir ext /var/opkg-lists
This is the save location, the defaultopkg updateisPackages.gz/var/opkg-lists -
option overlay_root /overlay
This is the root file system , just keep the default -
option check_signature
This is to check the package signature (.sig) , the default value is1, open, the type is bool,option check_signature 00 is disabled
- option source code
libopkg/opkg_confin
libopkg/opkg_conf.h
/* options */
int autoremove;
int force_depends;
int force_defaults;
int force_maintainer;
int force_overwrite;
int force_downgrade;
int force_reinstall;
int force_space;
int force_removal_of_dependent_packages;
int force_removal_of_essential_packages;
int force_postinstall;
int force_remove;
int force_checksum;
int check_signature;
int force_signature;
int no_check_certificate;
int nodeps; /* do not follow dependencies */
int nocase; /* perform case insensitive matching */
char *offline_root;
char *overlay_root;
int query_all;
int verbosity;
char *verify_program;
int noaction;
int size;
int strip_abi;
int download_only;
char *cache;
/* proxy options */
char *http_proxy;
char *http_timeout;
char *https_proxy;
char *ftp_proxy;
char *no_proxy;
char *proxy_user;
char *proxy_passwd;
char *signature_ca_file;
char *signature_ca_path;
libopkg/opkg_conf.c
opkg_option_t options[] = {
{
"cache", OPKG_OPT_TYPE_STRING, &_conf.cache},
{
"force_defaults", OPKG_OPT_TYPE_BOOL, &_conf.force_defaults},
{
"force_maintainer", OPKG_OPT_TYPE_BOOL, &_conf.force_maintainer},
{
"force_depends", OPKG_OPT_TYPE_BOOL, &_conf.force_depends},
{
"force_overwrite", OPKG_OPT_TYPE_BOOL, &_conf.force_overwrite},
{
"force_downgrade", OPKG_OPT_TYPE_BOOL, &_conf.force_downgrade},
{
"force_reinstall", OPKG_OPT_TYPE_BOOL, &_conf.force_reinstall},
{
"force_space", OPKG_OPT_TYPE_BOOL, &_conf.force_space},
{
"force_postinstall", OPKG_OPT_TYPE_BOOL, &_conf.force_postinstall},
{
"force_checksum", OPKG_OPT_TYPE_BOOL, &_conf.force_checksum},
{
"check_signature", OPKG_OPT_TYPE_BOOL, &_conf.check_signature},
{
"no_check_certificate", OPKG_OPT_TYPE_BOOL, &_conf.no_check_certificate},
{
"ftp_proxy", OPKG_OPT_TYPE_STRING, &_conf.ftp_proxy},
{
"http_proxy", OPKG_OPT_TYPE_STRING, &_conf.http_proxy},
{
"http_timeout", OPKG_OPT_TYPE_STRING, &_conf.http_timeout},
{
"https_proxy", OPKG_OPT_TYPE_STRING, &_conf.https_proxy},
{
"no_proxy", OPKG_OPT_TYPE_STRING, &_conf.no_proxy},
{
"test", OPKG_OPT_TYPE_BOOL, &_conf.noaction},
{
"noaction", OPKG_OPT_TYPE_BOOL, &_conf.noaction},
{
"download_only", OPKG_OPT_TYPE_BOOL, &_conf.download_only},
{
"nodeps", OPKG_OPT_TYPE_BOOL, &_conf.nodeps},
{
"nocase", OPKG_OPT_TYPE_BOOL, &_conf.nocase},
{
"offline_root", OPKG_OPT_TYPE_STRING, &_conf.offline_root},
{
"overlay_root", OPKG_OPT_TYPE_STRING, &_conf.overlay_root},
{
"proxy_passwd", OPKG_OPT_TYPE_STRING, &_conf.proxy_passwd},
{
"proxy_user", OPKG_OPT_TYPE_STRING, &_conf.proxy_user},
{
"query-all", OPKG_OPT_TYPE_BOOL, &_conf.query_all},
{
"size", OPKG_OPT_TYPE_BOOL, &_conf.size},
{
"strip_abi", OPKG_OPT_TYPE_BOOL, &_conf.strip_abi},
{
"tmp_dir", OPKG_OPT_TYPE_STRING, &_conf.tmp_dir},
{
"verbosity", OPKG_OPT_TYPE_INT, &_conf.verbosity},
{
"verify_program", OPKG_OPT_TYPE_STRING, &_conf.verify_program},
{
NULL, 0, NULL}
};
Through the above options, you can /etc/opkg.confadd additional options in, for example, if I want to add no remote https certificate , find the type of the option, and fill it in opkg.conf according to the format
dest root /
dest ram /tmp
lists_dir ext /var/opkg-lists
option overlay_root /overlay
option check_signature
# 下面是我添加的
optinon no_check_certificate 1
# 添加代理
optinon http_proxy 127.0.0.1:7890
optinon https_proxy 127.0.0.1:7890
optinon ftp_proxy 127.0.0.1:7890
# 超时时间 单位: 秒
option http_timeout 5
# 代理认证信息, 没有请忽略
optinon proxy_user NueXini
optinon proxy_passwd NueXini
opkg usuage
src/opkg-cl.c --> static void usage()
opkg must have one sub-command argument
usage: opkg [options...] sub-command [arguments...]
where sub-command is one of:
Package Manipulation:
update Update list of available packages
upgrade <pkgs> Upgrade packages
install <pkgs> Install package(s)
configure <pkgs> Configure unpacked package(s)
remove <pkgs|regexp> Remove package(s)
flag <flag> <pkgs> Flag package(s)
<flag>=hold|noprune|user|ok|installed|unpacked (one per invocation)
Informational Commands:
list List available packages
list-installed List installed packages
list-upgradable List installed and upgradable packages
list-changed-conffiles List user modified configuration files
files <pkg> List files belonging to <pkg>
search <file|regexp> List package providing <file>
find <regexp> List packages whose name or description matches <regexp>
info [pkg|regexp] Display all info for <pkg>
status [pkg|regexp] Display all status for <pkg>
download <pkg> Download <pkg> to current directory
compare-versions <v1> <op> <v2>
compare versions using <= < > >= = << >>
print-architecture List installable package architectures
depends [-A] [pkgname|pat]+
whatdepends [-A] [pkgname|pat]+
whatdependsrec [-A] [pkgname|pat]+
whatrecommends[-A] [pkgname|pat]+
whatsuggests[-A] [pkgname|pat]+
whatprovides [-A] [pkgname|pat]+
whatconflicts [-A] [pkgname|pat]+
whatreplaces [-A] [pkgname|pat]+
Options:
-A Query all packages not just those installed
-V[<level>] Set verbosity level to <level>.
--verbosity[=<level>] Verbosity levels:
0 errors only
1 normal messages (default)
2 informative messages
3 debug
4 debug level 2
-f <conf_file> Use <conf_file> as the opkg configuration file
--conf <conf_file>
--cache <directory> Use a package cache
-d <dest_name> Use <dest_name> as the the root directory for
--dest <dest_name> package installation, removal, upgrading.
<dest_name> should be a defined dest name from
the configuration file, (but can also be a
directory name in a pinch).
-o <dir> Use <dir> as the root directory for
--offline-root <dir> offline installation of packages.
--verify-program <path> Use the given program to verify usign signatures
--add-arch <arch>:<prio> Register architecture with given priority
--add-dest <name>:<path> Register destination with given path
Force Options:
--force-depends Install/remove despite failed dependencies
--force-maintainer Overwrite preexisting config files
--force-reinstall Reinstall package(s)
--force-overwrite Overwrite files from other package(s)
--force-downgrade Allow opkg to downgrade packages
--force-space Disable free space checks
--force-postinstall Run postinstall scripts even in offline mode
--force-remove Remove package even if prerm script fails
--force-checksum Don't fail on checksum mismatches
--no-check-certificate Don't validate SSL certificates
--noaction No action -- test only
--download-only No action -- download only
--nodeps Do not follow dependencies
--nocase Perform case insensitive pattern matching
--size Print package size when listing available packages
--strip-abi Print package name without appended ABI version
--force-removal-of-dependent-packages
Remove package and all dependencies
--autoremove Remove packages that were installed
automatically to satisfy dependencies
-t Specify tmp-dir.
--tmp-dir Specify tmp-dir.
-l Specify lists-dir.
--lists-dir Specify lists-dir.
regexp could be something like 'pkgname*' '*file*' or similar
e.g. opkg info 'libstd*' or opkg search '*libop*' or opkg remove 'libncur*'
Usage: opkg [options...] sub-command [arguments...], the following are some common usages
opkg commands
opkg updateUpdate packages, no additional arguments requiredopkg upgrade luci-app-sqm iptables-nftUpgrade the software package, multiple software packages are used空格separately, ifluci-app-sqmnot installed,opkg installthe installation software will be executedopkg --nodeps install luci-app-sqmInstall software but do not install dependencies, multiple software packages are used空格separatelyopkg print-architectureGet the structure, no additional parameters are required
root@X-WRT:~# opkg print-architecture
arch all 1
arch noarch 1
arch mipsel_24kc 10
opkg whatdepends luci-app-ddns
root@X-WRT:~# opkg whatdepends luci-app-ddns
Root set:
luci-app-ddns
What depends on root set
luci-i18n-ddns-zh-cn git-22.205.58624-4d77b1b depends on luci-app-ddns
- priority issue
The priority of the input is greater than the priority opkg --nodeps install luci-app-sqminsidenodeps/etc/opkg.confoption nodeps
If /etc/opkg.confadded option nodeps 1, opkg install luci-app-sqmwhen input, it will be added--nodeps
opkg .ipk
.ipkThe essence of the file is actually one 压缩包, let's take it ip6tables-nft_1.8.8-1_mipsel_24kc.ipkas an example, disassemble the ipk to see what medicine is sold in the gourd.
There are three files in ipk
hi@ubuntu:~$ tar -tvf ip6tables-nft_1.8.8-1_mipsel_24kc.ipk
-rw-r--r-- 0/0 4 2022-07-11 01:07 ./debian-binary
-rw-r--r-- 0/0 244 2022-07-11 01:07 ./data.tar.gz
-rw-r--r-- 0/0 606 2022-07-11 01:07 ./control.tar.gz
debian-binary
hi@ubuntu:~$ cat ./debian-binary
2.0
# 这个文件内容好像都是2.0 查看了几个ipk都是这样
data.tar.gz
hi@ubuntu:~$ tar -tvf data.tar.gz
drwxr-xr-x 0/0 0 2022-07-11 01:07 ./
drwxr-xr-x 0/0 0 2022-07-11 01:07 ./usr/
drwxr-xr-x 0/0 0 2022-07-11 01:07 ./usr/sbin/
lrwxrwxrwx 0/0 0 2022-07-11 01:07 ./usr/sbin/ip6tables-nft -> xtables-nft-multi
lrwxrwxrwx 0/0 0 2022-07-11 01:07 ./usr/sbin/ip6tables-nft-restore -> xtables-nft-multi
lrwxrwxrwx 0/0 0 2022-07-11 01:07 ./usr/sbin/ip6tables-nft-save -> xtables-nft-multi
lrwxrwxrwx 0/0 0 2022-07-11 01:07 ./usr/sbin/ip6tables-restore-translate -> xtables-nft-multi
lrwxrwxrwx 0/0 0 2022-07-11 01:07 ./usr/sbin/ip6tables-translate -> xtables-nft-multi
# 这几个应该是会安装到/usr/sbin/
control.tar.gz
hi@ubuntu:~$ tar -tvf control.tar.gz
drwxr-xr-x 0/0 0 2022-07-11 01:07 ./
-rw-r--r-- 0/0 662 2022-07-11 01:07 ./control
-rwxr-xr-x 0/0 160 2022-07-11 01:07 ./postinst
-rwxr-xr-x 0/0 117 2022-07-11 01:07 ./prerm
control.tar.gz-->control
Package: ip6tables-nft
Version: 1.8.8-1
Depends: libc, kmod-ip6tables, xtables-nft
Provides: ip6tables
Alternatives: 300:/usr/sbin/ip6tables:/usr/sbin/xtables-nft-multi, 300:/usr/sbin/ip6tables-restore:/usr/sbin/xtables-nft-multi, 300:/usr/sbin/ip6tables-save:/usr/sbin/xtables-nft-multi
Source: package/network/utils/iptables
SourceName: ip6tables-nft
License: GPL-2.0
Section: net
SourceDateEpoch: 1657472867
CPE-ID: cpe:/a:netfilter_core_team:iptables
Architecture: mipsel_24kc
Installed-Size: 244
Description: Extra ip6tables nftables nft binaries.
ip6tables-nft
ip6tables-nft-restore
ip6tables-nft-save
ip6tables-translate
ip6tables-restore-translate
control.tar.gz-->postinst
#!/bin/sh
[ "${IPKG_NO_SCRIPT}" = "1" ] && exit 0
[ -s ${IPKG_INSTROOT}/lib/functions.sh ] || exit 0
. ${IPKG_INSTROOT}/lib/functions.sh
default_postinst $0 $@
control.tar.gz-->prerm
#!/bin/sh
[ -s ${IPKG_INSTROOT}/lib/functions.sh ] || exit 0
. ${IPKG_INSTROOT}/lib/functions.sh
default_prerm $0 $@
| File | explain | Makefile |
|---|---|---|
| control | control file | include/package.mk |
| conffiles | configuration file | include/package-ipkg.mk |
| price | Script to execute before installing a package | include/package-ipkg.mk |
| postinst | Execute the script after installing the package | include/package-ipkg.mk |
| prerm | Script to execute before installing a package | include/package-ipkg.mk |
| postrm | Script to execute after installing the package | include/package-ipkg.mk |
Enjot it ~~