This string didn't work for me and I couldn't see a problem in adding the keyserver
|Deletions are marked like this.||Additions are marked like this.|
|Line 83:||Line 83:|
|gpg --no-default-keyring --keyring /tmp/awn.keyring --recv B0BE17C2A0C914F086B7B8327D2C7A23BF810CD5 && gpg --no-default-keyring --keyring /tmp/awn.keyring --export --armor B0BE17C2A0C914F086B7B8327D2C7A23BF810CD5 | sudo apt-key add - && rm /tmp/awn.keyring||gpg --no-default-keyring --keyring /tmp/awn.keyring --keyserver keyserver.ubuntu.com --recv B0BE17C2A0C914F086B7B8327D2C7A23BF810CD5 && gpg --no-default-keyring --keyring /tmp/awn.keyring --export --armor B0BE17C2A0C914F086B7B8327D2C7A23BF810CD5 | sudo apt-key add - && rm /tmp/awn.keyring|
With Launchpad's Personal Package Archives (PPA), you can build and publish binary Ubuntu packages for multiple architectures simply by uploading an Ubuntu source package to Launchpad. Every individual and team in Launchpad gets their own PPA.
Your PPA gives you:
- Binary packages built for x86, AMD64 and LPIA architectures against Ubuntu.
- A web front-end where Launchpad users can browse and search for your packages.
Before you create and use your PPA, you need to:
install dput - sudo apt-get install dput
have imported your PGP key to your Launchpad account.
become an Ubuntero (i.e. you must sign the Ubuntu Community Code of Conduct)
Installing and uninstalling software from a PPA is just as easy as installing software from Ubuntu's primary archive. This makes it an ideal way to distribute beta versions, daily builds and other versions of your software for testing, without having to ask your testers to compile your software from source.
Packages you publish in your PPA will remain there until you remove them, they're superseded by another package that you upload or the version of Ubuntu against which they're built becomes obsolete.
Activating a PPA
Before you can start using a PPA, whether it's your own or it belongs to a team, you need to activate it on your profile page or the team's overview page.
You can only activate your PPA if you have signed the Ubuntu code of conduct.
Your PPA's key
Launchpad generates a unique key for each PPA and uses it to sign any packages built in that PPA.
This means that people downloading/installing packages from your PPA can verify their source. After you've activated your PPA, it can take a couple of hours for Launchpad to generate your key.
Installing software from a PPA
PPAs work like normal Ubuntu archives. You can install software in the usual way -- for example, through apt-get or synaptic -- and whenever there's an update Ubuntu will prompt you to install it.
Adding a PPA to your Ubuntu repositories
To install packages from a PPA, you need to tell Ubuntu where to find it. You do this by giving Ubuntu the PPA's URL, which you can find on the PPA's overview page.
Let's take a look at the AWN Testing team's PPA as an example. If you're using the most recent development version of Ubuntu, all you need do is copy these lines in the apt sources.list entries section of the page. For example:
deb http://ppa.launchpad.net/awn-testing/ubuntu jaunty main deb-src http://ppa.launchpad.net/awn-testing/ubuntu jaunty main
If, like most people, you're using another version of Ubuntu -- such as the most recent stable version -- then you need to select that version from the drop-down box. That'll automatically update the URLs you need to copy.
Take a look at the Ubuntu guide to adding extra software repositories to find out how to add those URLs to your local Ubuntu system.
Adding a PPA's keys to your system
Each PPA has its own unique key that is used to sign the packages in that archive. This lets you know that:
- the packages you're downloading haven't been altered since Launchpad built them
- you are downloading from the PPA you wanted.
Important: You download and install PPA packages at your own risk. Ubuntu, Launchpad and Canonical do not endorse these packages. You must be certain that you trust the PPA owner before you install their software.
Until you add the PPA's key to your own system, you'll see warnings that you're downloading from an untrusted source. If you trust the PPA owner, add the PPA's key to your system.
Tip: for a general introduction to GPG keys and signing, see Ubuntu's GPG help page.
Adding the keys in the terminal
If you're used to adding keys to your personal keyring, you'll still want to read this section as we're going to add the PPA's key to apt's keyring.
First up, visit the PPA's overview page. Let's go back to the AWN Testing team's PPA that we were looking at earlier.
Here you can see the fingerprint of the PPA's key. It'll look something like this: B0BE17C2A0C914F086B7B8327D2C7A23BF810CD5. Copy/make a note it. You can trust that this is the right fingerprint because the page is served securely.
Now, open a terminal. To add the AWN key, you'd enter this:
gpg --no-default-keyring --keyring /tmp/awn.keyring --keyserver keyserver.ubuntu.com --recv B0BE17C2A0C914F086B7B8327D2C7A23BF810CD5 && gpg --no-default-keyring --keyring /tmp/awn.keyring --export --armor B0BE17C2A0C914F086B7B8327D2C7A23BF810CD5 | sudo apt-key add - && rm /tmp/awn.keyring
Let's break that down: you're asking gpg to pull down the public part of AWN's PPA key but rather than add it to your own keyring you're telling it to use a temporary keyring /tmp/awn.keyring. You can call that temporary keyring anything you like.
Next up you're telling gpg to export AWN's PPA key to apt-key, which means that apt will now recognise the AWN PPA's key and use it to very packages in that archive.
Finally, the command deletes the temporary AWN keyring.
Building your source package
Before you start using your PPA to distribute software, you need to be familiar with building .deb source packages for Ubuntu. The best place to learn how to package for Ubuntu is the Ubuntu packaging guide.
You should also ensure that the email address and GPG key you use with dput are the same as those associated with your Launchpad account.
There are a couple of aspects of PPAs that work slightly differently to standard Ubuntu packages:versioning and dependencies.
Let's take a look at each in detail.
Ubuntu package names are suffixed by the version number of the package. This allows Ubuntu to distinguish newer packages from older ones and so remain up to date.
If you're creating an alternative version of a package already available in Ubuntu's repositories, you should ensure that:
- your package supersedes the official Ubuntu version
- future Ubuntu versions will supersede your package.
To do this, increase the Ubuntu version number and add a suffix of ~ppan (where n is your package's revision number).
For example: you're creating an experimental version of the myapp_1.0-1 package. Your PPA package would be named myapp_1.0-2~ppa1.
Here, the tilde knocks the precedence of the package down to below whatever is in front of it. So, for now, this package counts as being a higher version number than myapp_1.0-1 but when Ubuntu releases myapp_1.0-2 that will supersede your PPA version.
Version numbers must be unique. This has implications if you want to provide packages for multiple Ubuntu series at once:
If your package can be used on different versions of Ubuntu without being recompiled then use the naming scheme already described. When you have successfully uploaded your package to your PPA you can copy the existing binaries to the new series; see Copying packages below.
If your package does need to be recompiled to support multiple Ubuntu series, then you should add a suffix of the series name to the version number. So a package for the Intrepid Ibex could be named myapp_1.0-2~ppa1~intrepid1 and for the Hardy Heron myapp_1.0-2~ppa1~hardy1. If you need to release an updated package, increment the ~ppan suffix. It is important to note that specifying the version name here doesn't change the series that you are targetting; this must still be set correctly as described in the Ubuntu packaging guide's section on the changelog file.
Launchpad satisfies your package's Build-Depends using:
- the most recent versions of the packages in the PPA you're uploading to
- all sections of the primary Ubuntu archive - i.e. main, restricted, universe and multiverse
optionally: other PPAs in Launchpad.
Note: If you're already familiar with uploading to the Ubuntu primary archive, you should note that PPA builds do not have any build dependency restrictions, unlike a build in the primary Ubuntu archive. If you want to build the same package in the primary Ubuntu archive at a later point you may need to revise the package's component and/or pocket.
Depending on other PPAs
If you want Launchpad to satisfy your package dependencies using one or more other PPAs, follow the Edit dependencies link on your PPA or the team's overview page.
See the Ubuntu packaging guide's section on building source packages.
How you build your package depends on whether you're creating a brand new package or you're creating a derivative of a package that's already in Ubuntu's primary archive.
If you're creating an alternative version of a package that's already in Ubuntu's primary archive, you don't need to upload the .orig.tar.gz file, i.e. the original source.
So, the debuild options you'd use are:
alternative version of an existing package (will be uploaded without the .orig.tar.gz file): debuild -S -sd
brand new package with no existing version in Ubuntu's repositories (will be uploaded with the .orig.tar.gz file): debuild -S -sa
Note: If you get the error clearsign failed: secret key not available when signing the changes file, use an additional option -k[key_id] when calling debuild. Use gpg --list-keys to get the key ID. Look for a line like "pub 12345/12ABCDEF"; the part after the slash is the key ID.
Dput is the tool you use to upload your source package to Launchpad. It uploads the following files:
and optionally the .orig.tar.gz (if you used debuild -S -sa to build your package)
First, you need to tell dput where to send your package and by what method. To do that, edit ~/.dput.cf to look like this:
[my-ppa] fqdn = ppa.launchpad.net method = ftp incoming = ~your-launchpad-id/ubuntu/ login = anonymous allow_unsigned_uploads = 0
Change the first line to whatever name you want to use to refer to your PPA, while retaining the square brackets.
If you're uploading to a team PPA, change the ~your-launchpad-id to your team's Launchpad name (maintaining the tilde). As you might expect, you must be a member of the team before you can upload to its PPA.
Next, open a terminal and enter the following:
$ dput my-ppa P_V_source.changes
Replace P with the package name and V with the version number.
Find out about possible upload errors.
Using packages from other distributions
You can use your PPA to build sources from other distributions that use .deb packages.
Create a new dput configuration section using incoming = ~<lp_name>/ubuntu/<suite> and the suite you specify will override the suite named in the upload changelog when you upload it using the new configuration:
$ dput my-ppa-force-hardy P_V_source.changes
You can upload a source from any Debian-compatible distribution straight to your PPA with no changes required.
Important: Although Launchpad will attempt to build the package, it may not be able to meet all of the dependencies of a source created for another a distribution.
You can copy packages from other PPAs into any PPA that you can upload to. You also have the option of copying packages between distro-series (i.e different distribution releases).
For example: take a look at the Ubuntu Mobile team's PPA copy packages page.
Here you can:
- select one or more sources to copy
- select the destination PPA - you must have upload permission for that archive
- specifiy the destination series
- choose whether or not to also copy the related binary package.
As soon as you request the copy, the source will be listed in your PPA with details of it origin. However, it can take up to twenty minutes for the files to actually appear in your archive.
If you only copy the source, the corresponding build records are created in the destination PPA immediately.
You can delete any package from your PPA. However, it can take some time before the package is removed from the listing on your PPA overview page and the reported size of your archive is adjusted.
The deletion page allows you to schedule packages for deletion. To do this, search first for the desired packages, select one of more of them, input a comment, and request deletion. Deletion will affect the source selected and any binary packages built from it.
Deletion marks the packages as deleted in the UI, but they are actually removed from your PPA in separate steps:
Archive indexes: A deleted package disappears from the archive indexes in at most 20 minutes. As soon as this happens, users will no longer be able to install it via apt.
Files on disk: A file will be removed from the archive disk pool only when all packages referencing it have been scheduled for deletion. This includes packages published in other series, or multiple package versions referring to the same original upstream tarball.
The archive removal job runs every 30 minutes. It may take some time to remove a file from disk, depending on the number of packages referencing it. In the most common situation, files are removed within an hour.
Because of these conditions, the easiest alternative to replace a broken source is always to upload a package with a higher version number and let the system automatically supersede and remove the older version. You should not rely on deletion requests to re-upload the same source version with different contents.
Frequently asked questions
What limits apply to the PPA service?
How many users can download packages from my PPA?
There are no limits on the number of users you can point at your PPA. We would encourage you to build communities of users and testers around your PPA, and there are no bandwidth restrictions on downloads from any PPA.
How many PPAs can I have?
Each user and team in Launchpad can have a single public PPA. If you want to have different versions of the same package, testing different features or focused on different use cases, then we would encourage you to create a new team and use the PPA for that team. That way, for example, you can have a team of people interested in "server" issues that has one version of the Apache package, and another interested in "workstation" issues that has a different version of the same package, each in a different PPA. Please don't abuse this capability!
Why are only X86, AMD64 and LPIA architectures supported?
We use the Xen virtualisation system for security during the build process, ensuring that each build has a clean build environment and different developers cannot impact on one another's builds accidentally. This technology is only available for these architectures.