Experience the
WhaTap right now.

Tech
2025-04-16
Learn about the DEB file structure used by the Debian distribution
WhaTap
AI-Native Observability Platform

Table of contents

Example H2

Debian-like Linux distributions use an APT-based package manager system. At this time, the APT package manager .deb I'm using a file, but in this post .deb Let's take a closer look at how the file is structured.

.deb Internal components

.deb The file is generic UNIX AR Archives It is a structure that follows a format. AR An archive is a simple container format that groups multiple files together. .debIn the case of, it must include the following three components:

  • Debian-binary
    • A text file that records the package format version.
    • The current Debian package format version 2.0 It contains only a string.
  • control.tar
    • It is a control archive containing the package's metadata and maintenance scripts.
    • This archive contains control files, including package names, versions, and dependency information, and scripts to be executed during installation/removal.
  • data.tar
    • A data archive containing files to be released to the actual system when the package is installed.
    • Program binaries, libraries, documentation, and configuration files are included in this archive.

Each component AR Within the archive Debian-binarycontrol.tardata.tar They are arranged in order. This allows package tools such as dpkg .deb Files can be interpreted and processed. Additionally, if the package includes a signature, there are additional steps, but since APT repositories are usually signed, I'll omit them in this article.

key
Image source: wikipedia

control.tar archive and key metadata files

The control.tar archive contains the package's metadata and maintenance scripts.

  • control
    • A control file containing basic information about the package.
    • The package's name, description, version, dependency list, and maintainer information will be recorded in this file.
    • This information is used to check dependencies and display descriptions before installing packages.
  • md5sums
    • A list of MD5 checksums of all files included in the package.
    • Used to verify the integrity of files or detect corruption after installation.
  • Conffiles
    • It contains a list of files that should be treated as configuration files.
    • The files specified here will not be overwritten by the new version when the package is upgraded and will remain.
  • maintenance scripts
    • preinst, Postinst, Prerm, Postrm This includes the like.
    • These are scripts that run automatically during package installation and removal. (More on that below.)

Dpkg/APT obtains the information needed to install packages through control.tar described above.

The role and execution flow of maintenance scripts

A package's maintenance script is a script that is automatically executed at a specific point in the installation and removal process to perform preparation or cleanup tasks required for the package's operation. Debian packages usually use 4 maintenance scripts.

  • preinst (Pre-install)
    • A script that runs just before installing or upgrading a package.
    • Use it for tasks required before unpacking a new version of a file.
  • Postinst (Post-install)
    • It runs immediately after installing or upgrading a package.
    • It can handle tasks such as completing settings, starting/restarting services, and updating the cache.
  • Prerm (Pre-Removal)
    • It runs just before a package is removed or replaced by an upgrade.
    • It is used when stopping a service daemon (such as stopping a cron) or processing the release of resources used by a package.
    • In the case of an upgrade, during the removal phase of the old version PrermThis will be called.
  • Postrm (Post-Removal)
    • A script that runs after a package has been removed or upgraded.
    • It is responsible for handling remaining tasks after deleting a package or cleaning up failed installations. For example, if a package is completely purged (purged), delete the associated cache or temporary files, and if there is a problem during the upgrade process PostrmPerform this cleanup procedure.
    • Also, Postrmis called when an installation fails and is also used to clean up partial installation status.

The above scripts can be applied selectively. Also, all scripts must have idempotency (idempotency) and be configured so that there are no problems even when executed multiple times.

Note: When upgrading a package, the scripts from the previous version and the new version are executed in combination. For example, during the upgrade process, the flow is called in the following order: previous version of prerm → new version of preinst → new version of unpacking files → new version of postinst → previous version of postrm. (It may vary depending on the specific situation, but broadly speaking, preinst runs before unpacking a new package, postinst runs after unpacking, and prerm runs before uninstalling, and postrm runs after uninstalling.)

Note: The following scripts are used in combination when upgrading packages.
old version of prerm → new version of preinst → new version of file unpacked → new version of postinst → old version of postrm

The role and file placement of the data.tar archive

The data.tar archive is a data section containing all the files that are actually copied to the system when the package is installed. If you unpack this archive, it's like you've seen a lot . /usr/, . /etc/ A directory structure such as is displayed, and the package's binaries, libraries, configuration files, and documents are included according to that structure.

For example, testIn a package called data.tar.gzWhen I solved usr/bin/test with an executable file usr/share/doc/test/... Documents may appear. These paths are ultimately the system root (/It will be installed based on). In other words, data.tar inner . /usr/bin/test The file is when the package is installed /usr/bin/test It will be placed on the path.

data.tarThe permissions and owner information of the files included in are also stored, so dpkg interprets them and applies them to the system appropriately. For example, a binary file has permission to execute and the owner rootIt is placed according to the metadata set by the package creator, such as being installed in the in-state.

usually data.tar An archive is used to reduce capacity gzip, xz, zstd It is compressed in the same way. (The Debian package standard allows compression of data archives.) In the old package data.tar.gz There were many (gzip) formats, but most recent Debian/Ubuntu packages data.tar.xz It uses the (xz) format, and some data.tar.zst (zstd) is also used. Depending on the compression method, dpkg or APT can automatically release it.

finishing

Of Debian-based Linux distributions .deb The file structure AR It is organized based on an archive format. In detail Debian-binary, control.tar, data.tarThe three essential elements of are sequentially included, and by combining them, package metadata and actual deployment files can be organized and managed in one place. The above prerequisites help to automatically perform the tasks required during the installation, upgrade, and removal process.

WhaTap
AI-Native Observability Platform
WhaTap unifies monitoring for GPUs, applications, servers, databases, Kubernetes, and browsers on a single platform, enabling rapid response to complex IT environments. Trusted by over 1,200 companies worldwide.
목차
Example H2
배너 타이틀
Related Content
No items found.
Claude Code 모니터링
Tech
Claude Code Monitoring: A Guide to Tracking AI Developer Tool Usage
2025-08-28
Tech
Retrofit 3.0 update: major changes and what the Kotlin transition means
2025-08-13
GPU
GPU on subscription? Here’s what GPUaaS (GPU as a Service) means
2025-08-12
Experience Monitoring with WhaTap!
Try the demo