Managing repositories
The package repositories that apk uses to retrieve package files for installation are specified in file /etc/apk/repositories . Each line of this file specifies the location of a package repository, and optionally a tag. Lines that start with a hash character (#) are ignored.
The location may be an http:// or https:// URL, or the path to a directory on the local filesystem. A tagged repository is prefixed with the @tag specifier, followed by a space and the repository location.
The default will look something like:
Contents of /etc/apk/repositories
#/media/cdrom/apks http://dl-cdn.alpinelinux.org/alpine/v3.16/main http://dl-cdn.alpinelinux.org/alpine/v3.16/community
After making changes to /etc/apk/repositories you should update the package index using:
Changing repositories to https
For better security you should probably change the url’s from http to https. [1]
Note: Some Alpine Linux package mirrors may not support https. If that is the case, you will need to change mirrors or revert back. You can check if your mirror supports https on https://mirrors.alpinelinux.org
Avoid manually changing the repositories file for a new release
You can avoid having to manually update the version in /etc/apk/repositories for each Alpine Linux release by changing v3.16 to latest-stable .
Contents of /etc/apk/repositories
#/media/cdrom/apks https://dl-cdn.alpinelinux.org/alpine/latest-stable/main https://dl-cdn.alpinelinux.org/alpine/latest-stable/community #http://dl-cdn.alpinelinux.org/alpine/edge/main #http://dl-cdn.alpinelinux.org/alpine/edge/community #http://dl-cdn.alpinelinux.org/alpine/edge/testing
Warning: Changing the repositories to latest-stable may initiate unexpected release upgrades.
Release Branches
There are several release branches for Alpine Linux available at the same time. Each May and November we make a release branch from edge. The main repository is typically supported for 2 years and the community repository is supported until next stable release.
Security fixes beyond that can be made on request when there are patches available.
Main
main has a support cycle of 2 years. We also try to limit the amount of packages in main to only include base system packages, in base you can think of packages which are needed by other packages or are needed to setup a basic system. Packages in main must not have dependencies in other repositories.
Community
The community repository was introduced with Alpine Linux version 3.3.0. community has a maximum support cycle of 6 months. After that you will need to update to the new release to continue to have support.
Edge
edge is the name given to the current development tree of Alpine Linux. It consists of an APK repository called edge and contains the latest build of all available Alpine Linux packages. Those packages are updated on a regular basis.
Warning: edge is under constant development so be careful using it in production. It is possible that bugs in edge could cause data loss or could break your system.
End users should not use edge as their main day-to-day workstation or as a productive system. Because edge is a development branch, many changes are not heavily tested (or tested at all) and packages in edge can and sometimes do break without warning.
However, testing edge is a very valuable activity which helps the Alpine Linux development to ensure that the quality of the stable releases is high. Testing edge is a great way to contribute to the Alpine Linux development.
Upgrading to edge
An upgrade of Alpine Linux from a stable version to the rolling development version edge basically requires the same steps as Upgrading to latest release.
The crucial difference is, that when editing the /etc/apk/repositories file, all referenced repository versions (such as v3.2 or latest-stable ) therein need to be pointing to edge as in:
Warning: Do not enable stable and edge repos at the same time. This can break your system. Either use edge or stable.
After upgrading to edge, the currently installed edge version may be checked with
and referring to the build date that is attached to the release.
Testing
The testing repository was introduced with Alpine Linux edge development. No support (staging only) and only built for edge. If it stays here long enough it gets moved to unmaintained/purged (gets cleaned up every 6 months).
Before a package can move from testing to main or community, the following requirements must be met:
- Package must work correctly, including the init.d script (if provided) and default configuration.
- Packaging must be done correctly, with files installed in the right places, e.g. configs are in /etc/ and not in /usr/etc .
- Package dependencies are handled correctly. Abuild can (and should) autodetect shared libs, for example sqlite-libs provides so:libsqlite3.so.0. Any package linked to sqlite should have an automatically (by abuild) added depend=so:libsqlite3.so.0 and the user should not have to manually add a depend=»sqlite-libs» in the APKBUILD.
- There is a maintainer who claims responsibility for the maintenance of the package and can help fix things if they break in the future.
Using the testing repository on stable branches
Warning: Only do this if you’re 100% sure what you’re doing! Installing packages from edge that link to something in main or community usually will not work. Alpine does not officially support mixing branches this way.
Edit the file /etc/apk/repositories and add (or uncomment) a line that points to the «testing» directory, while also tagging the repository, for example:
Contents of /etc/apk/repositories
https://dl-cdn.alpinelinux.org/alpine/v3.16/main https://dl-cdn.alpinelinux.org/alpine/v3.16/community @testing https://dl-cdn.alpinelinux.org/alpine/edge/testing
In that case, the tag is @testing , which allows you to pull packages from that repository without potentially messing up your install (too badly):
$ apk add wireguard-go@testing
See also
Alpine security
This material is obsolete .
This appears to be related to a deprecated script. See notice on Alpine Security and Rescue (Discuss)
Basics
Name | Description | URL |
---|---|---|
alpine-base | Alpine base package | https://pkgs.alpinelinux.org/packages?name=alpine-base |
alpine-mirrors | List of Official Alpine Linux Mirrors | https://mirrors.alpinelinux.org/ |
bkeymaps | Binary keymaps for busybox | http://dev.alpinelinux.org/alpine/bkeymaps [Dead Link] |
network-extras | Meta package to pull in vlan, bonding, bridge and wifi support | https://pkgs.alpinelinux.org/packages?name=network-extras |
openssl | Toolkit for TLS | https://www.openssl.org/ |
tzdata | Timezone data | https://www.iana.org/time-zones |
Code Analysis
Forensics / Data recovery tools
Name | Description | URL |
---|---|---|
dc3dd | Patched version of GNU dd for use in computer forensics | https://sourceforge.net/projects/dc3dd/ |
ddrescue | Data recovery tool for block devices with errors | https://www.gnu.org/s/ddrescue/ddrescue.html |
testdisk | A powerful free data recovery software | https://www.cgsecurity.org/wiki/TestDisk |
scrub | Disk scrubbing program | https://code.google.com/archive/p/diskscrub/ |
ncdu | A curses-based version of the well-known «du» | https://dev.yorhel.nl/ncdu |
htop | An interactive process viewer for Linux | https://htop.dev/ |
mac-robber | A tool that collects data from allocated files in a mounted file system | https://www.sleuthkit.org/mac-robber/desc.php |
wipe | Tool for securely erasing files from magnetic media | http://lambda-diode.com/software/wipe/ [Dead Link] |
nwipe | Securely erase disks using a variety of recognized methods | https://github.com/martijnvanbrummelen/nwipe/ |
jhead | An Exif jpeg header manipulation tool | https://www.sentex.net/~mwandel/jhead/ |