PPA's in Debian? How to safely use them.
Welcome, Guest.
"When government fears the people, there is LIBERTY.  When the people fear the government, there is TYRANNY." -Thomas Jefferson

Author Topic: PPA's in Debian? How to safely use them.  (Read 9324 times)

Offline JayVii

  • Contributor
  • *******
  • Posts: 1759
    • JayVii's Page
PPA's in Debian? How to safely use them.
« on: July 01, 2014, 10:57:33 AM »
Since nobody else mentioned it on the forums, I decided to finally share that with you guys. Kaddy (Linux4UnMe) did a video about this topic long time ago, but did some stuff I wouldn't agree to in his tutorial and also people using Debian don't seem to realize this possibility.
Well, yes... It IS kind of a hacky job, but I didn't have any problems whatsoever and heard also very good results from other people.

Many people claim that Debian doesn't have PPA-Support and even the Testing-Branch doesn't always offer an up-to-date version as a Ubuntu-PPA would. You could easily add PPA's to your sources.list file, but this might bring up problems and could possibly break your system. For this tutorial I use the number 1 package I am missing in the Debian-Repositories: SimpleScreenRecorder

Note, that not every package works as there might be dependencies that aren't available in the Debian-Repos. However if you are using the Testing-Branch this will most likely work as Ubuntu is based on Testing (currently Jessie). Also this will only work with open-source software, as you have to compile the packages from the ppa-source. You do all of this at your own risk.

Step 1:
Search a PPA for your package on Google, DuckDuckGo or any other search engine of your choice. I found SimpleScreenRecorder on Launchpad.
Go to the "Adding this PPA to your System" section and click on the "Technical Details about this PPA" link. A little drop-down will come up, reveling the info necessary. Chose the current Ubuntu-version that is closest to your Debian version (I'd go with the current LTS if you are using Debian-Testing and an older LTS if you are using Debian-Stable). For my Jessie install I chose the newest LTS (14.04).

Step 2:
Now copy the line below that says "deb-src" at the beginning. For me this is:
Code: [Select]
deb-src http://ppa.launchpad.net/maarten-baert/simplescreenrecorder/ubuntu trusty main

Leave the other line alone as it contains the binary which we don't want on our system.
Now open up a terminal and type following command:

Code: [Select]
sudo nano /etc/apt/sources.list
instead of "nano" you can use any other text editor you are comfortable with.

The command will bring up a text-file containing all your package-sources. At the end of this file leave one or two empty lines and then add:

Code: [Select]
## SimpleScreenRecorder PPA
and then the ppa you copied previously.

This is how my sources.list file looks afterwards (note that this can be different if you are using another Distrubution. I use Sparky which is based on Debian Testing:

deb http://ftp.debian.org/debian/ testing main contrib non-free
deb-src http://ftp.debian.org/debian/ testing main contrib non-free
deb http://security.debian.org/ testing/updates main contrib non-free
deb-src http://security.debian.org/ testing/updates main contrib non-free
deb http://www.deb-multimedia.org testing main non-free

## SimpleScreenRecorder PPA
deb-src http://ppa.launchpad.net/maarten-baert/simplescreenrecorder/ubuntu trusty main

Now save the file and close it. (in nano: ctrl+x, y, ENTER)

Step 3:
Now you have to add the verification-key to your system. For this task you need the last few digests of the "Signing Key". The Signing Key for this SSR package is "1024R/283EC8CD". But as I mentioned, we only need the digests after the "/" which are "283EC8CD". Just copy those and replace the word SIGKEY in the following command with yours.
Code: [Select]
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys SIGKEY
So for me, the command is:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 283EC8CD

the output will look similar to following
Code: [Select]
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.oHJZL4NPES --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg --keyring /etc/apt/trusted.gpg.d/steam.gpg --keyserver keyserver.ubuntu.com --recv-keys 283EC8CD
gpg: requesting key 283EC8CD from hkp server keyserver.ubuntu.com
gpg: key 283EC8CD: public key "Launchpad PPA for Maarten Baert" imported
gpg: Total number processed: 1
gpg:               imported: 1  (RSA: 1)

Step 4:
Now update your repositories with a simple
Code: [Select]
sudo apt-get update

Note, that the package won't show up if you search it via "apt-cache search", because there is only the source, not the binary. However building it will work as long as the source is available on the PPA.

This step is optional but it makes sense as you'd have all the building-files and the actual .deb files in your home-directory later. I like to keep everything nice and clean. So just cd in your tmp-folder and create a new folder there:
Code: [Select]
mkdir /tmp/PPA/ && cd /tmp/PPA/

In order to start building the package, issue following command (This will most likely fail as the dependencies probably are not met). Also make sure to replace PACKAGE with the actual package name you want to install from that PPA:
Code: [Select]
sudo apt-get source -b PACKAGE
As a result, I get following output:
jan@debianbox:~$ sudo apt-get source -b simplescreenrecorder
Reading package lists... Done
Building dependency tree      
Reading state information... Done
NOTICE: 'simplescreenrecorder' packaging is maintained in the 'Git' version control system at:
Need to get 908 kB of source archives.
Get:1 http://ppa.launchpad.net/maarten-baert/simplescreenrecorder/ubuntu/ trusty/main simplescreenrecorder 0.2.2-1~ppa1~trusty1 (tar) [906 kB]
Get:2 http://ppa.launchpad.net/maarten-baert/simplescreenrecorder/ubuntu/ trusty/main simplescreenrecorder 0.2.2-1~ppa1~trusty1 (dsc) [1,911 B]
Fetched 908 kB in 1s (516 kB/s)            
gpgv: keyblock resource `/root/.gnupg/trustedkeys.gpg': file open error
gpgv: Signature made Mon 03 Mar 2014 02:49:22 AM CET using RSA key ID 2E5C9390
gpgv: Can't check signature: public key not found
dpkg-source: warning: failed to verify signature on ./simplescreenrecorder_0.2.2-1~ppa1~trusty1.dsc
dpkg-source: info: extracting simplescreenrecorder in simplescreenrecorder-0.2.2
dpkg-source: info: unpacking simplescreenrecorder_0.2.2-1~ppa1~trusty1.tar.gz
dpkg-buildpackage: source package simplescreenrecorder
dpkg-buildpackage: source version 0.2.2-1~ppa1~trusty1
dpkg-buildpackage: source distribution trusty
dpkg-buildpackage: source changed by Maarten Baert (v2) <maarten-baert@hotmail.com>
dpkg-buildpackage: host architecture i386
 dpkg-source --before-build simplescreenrecorder-0.2.2
dpkg-checkbuilddeps: Unmet build dependencies: libx11-dev libxext-dev libxfixes-dev qt4-qmake libqt4-dev libavformat-dev libavcodec-dev libavutil-dev libswscale-dev libasound2-dev libpulse-dev libjack-dev
dpkg-buildpackage: warning: build dependencies/conflicts unsatisfied; aborting
dpkg-buildpackage: warning: (Use -d flag to override.)
Build command 'cd simplescreenrecorder-0.2.2 && dpkg-buildpackage -b -uc' failed.
E: Child process failed

As you can see I colored the part where it says which dependencies are needed in RED. So just install those packages. For me, this command would be:
Code: [Select]
sudo apt-get install libx11-dev libxext-dev libxfixes-dev qt4-qmake libqt4-dev libavformat-dev libavcodec-dev libavutil-dev libswscale-dev libasound2-dev libpulse-dev libjack-dev
After that is finished, repeat the building-command again. Depending on the package you want to build and the strength of your machine this can take a few minutes. So be patient and don't stop it until it's finished.

Step 5:
now you can simply install the packages with

Code: [Select]
sudo dpkg -i *.deb
or with:
Code: [Select]
sudo dpkg -i FILENAME
Of course you have to replace FILENAME with the actual filename (the ls command can reveal that).

FAQ / Troubleshooting:

Q: Will the compiled package update automatically with the "apt-get upgrade" command or with my package manager?
A: No. If you want to know, if a new version is available, then check website you got it from. If there is a new version, then you have to compile it all over again.

Q: What could happen if I include the "deb"-line instead of the "deb-src" one?
A: Then all Ubuntu binaries can be downloaded with the "apt-get install" command and will also be updated. However it could cause major issues and breakage to your system. It's safer to compile it.

Q: How can I remove the installed packages?
A: This will work with the "apt-get remove" command like any other package installed on your system.

Q: Can I remove the .deb files and the building files after installing?
A: Yes.
« Last Edit: July 01, 2014, 01:21:05 PM by JayVii »

Offline c00ter

  • Elite Member
  • *****
  • Posts: 348
  • I'm an Alaskan! Where's my darn flag!
Re: PPA's in Debian? How to safely use them.
« Reply #1 on: July 01, 2014, 01:00:02 PM »
Using PPAs is certainly frowned upon in the Debian community. You can easily download and compile it. There's a ..tar.gz available from Maarten's blog page, and a ZIP from GitHub, both available with instructions. http://www.maartenbaert.be/simplescreenrecorder/#download
« Last Edit: July 01, 2014, 02:42:29 PM by c00ter »

Offline Brian

  • Spatry's Troll HAMMER
  • Contributor
  • *******
  • Posts: 269
Re: PPA's in Debian? How to safely use them.
« Reply #2 on: September 03, 2014, 12:05:58 AM »
I always advise caution when using PPAs. While it's an easy way to install software, I'll only use PPAs from well-known, trusted sources. Installing software from a sketchy PPA is a potential vector for malware.
"No matter where you go, there you are." - Buckaroo Banzai
"People sleep peacably in their beds at night only because rough men stand ready to do violence on their behalf." - George Orwell

Offline JayVii

  • Contributor
  • *******
  • Posts: 1759
    • JayVii's Page
Re: PPA's in Debian? How to safely use them.
« Reply #3 on: April 11, 2015, 08:45:30 AM »
I have now gone over to add both the deb-src line and the deb line, but "blocking" the "trusty" source in my "/etc/apt/preferences". that enables me to still view all of its packages in

Code: [Select]
aptitude search
apt-cache policy
but at the same time makes sure, none of it will be installed. then i'll just build it from the deb-src line :P