So I figure it’s good to dig into things at random sometimes, to see what wisdom they will lay upon us. It’s like when you were a kid and your parents were going to throw away some piece of broken technology (this was before eCycling, of course), they would let you pull it apart (with a hammer, if necessary, though you tried to stick to screwdrivers). You got to see the guts. Those little buttons were just proxies for the real buttons (be they plain switches or membranes or whatever).
But, that’s another topic for another day. The first thing we need is a package to dig into. That requires either inspiration or randomness, and since I don’t have one in mind, we’ll rely upon the latter. So, open a shell and put the package manager and other tools to work to pick one.
For the first try, I’ll most restrictions to the search, but if it picks something small like a subpackage of a larger piece of software, I’ll use the main package. I don’t want virtual packages, non-free packages, or libraries to be chosen, so I will ignore them. Also, I only want packages that I’ve got installed, as there’s some chance I’ll have a little familiarity with them.
aptitude search '~i!~snon-free!~slib!~v'
~s[expression]means “section contains [expression]”
~vmeans “virtual packages”
And I got a list of packages back. A little over 1,200 packages (if I pipe the output (
command | otherCommand) to
wc -l, it counts the lines for me). And now I want to pick one of them, so I’ll rely on
shuf to make my life easy. I’ll pipe the search to
shuf -n1, which will shuffle the incoming lines and then output the number I’ve chosen, in this case a single line.
aptitude search '~i!~snon-free!~v!~slib' | shuf -n 1
And we get:
i clamz - command-line program to download MP3's fro
Well, it gets cut off due to the terminal only being 80 characters wide. So now the investigation begins.
First, I open aptitude proper and type /^clamz$[enter] which searches for that exact name. It highlights the package in the listing:
Actions Undo Package Resolver Search Options Views Help C-T: Menu ?: Help q: Quit u: Update g: Download/Install/Remove Pkgs aptitude 0.6.4 i clamz 0.4-3 0.4-3 p clive <none> 2.2.27-1 p clive-utils <none> 2.1.6-1 p clzip <none> 1.2-2 p cmip5-cmor-tables <none> 1.3.10-1 p cmospwd <none> 5.0+dfsg-2 p codfis <none> 0.4.7-1 p collectd <none> 4.10.1-2.1 p collectd-core <none> 4.10.1-2.1 p collectd-dev <none> 4.10.1-2.1 command-line program to download MP3's from Amazon Clamz is intended to serve as a substitute for Amazon's official MP3 ▒ Downloader, which is not free software. Clamz can be used to download either ▒ individual songs or complete albums that you have purchased from Amazon. ▒ Homepage: http://code.google.com/p/clamz/ ▒
Now, I press [enter] to examine it. This shows the description again, but tells me the section, priority, maintainer, and so forth.
The interesting part begins with the
--\ Depends (4) --- libc6 (>= 2.3) --- libcurl3-gnutls (>= 7.16.2-1) --- libexpat1 (>= 1.95.8) --- libgcrypt11 (>= 1.4.6) --- Packages which depend on clamz (0) --\ Versions of clamz (1) i 0.4-3
This gives us an overview of what the source is probably like. It depends on
libc6, which means it’s at least partly written in C. It uses
libcurl-gnutls, which is the library that supports the tool
curl which downloads things over HTTP (ie, the dominant web protocol). In this case, it’s the version of
curl with security support provided by
GnuTLS which is the GNU Project‘s implementation of TLS, used to encrypt connections to websites and other Internet/network services.
That makes sense, as the description told us
clamz downloads music from Amazon.
Indeed, I was overjoyed to find
clamz as a substitute for the seldom-updated and clunky official tool provided by Amazon. It’s a great little tool, does one thing and does it well.
But let’s keep digging. What about
libgcrypt? I’m not familiar. The latter is almost definitely something to do with encryption, but we can simply select them in turn and read about them.
libexpat‘s information screen says:
i A --\ libexpat1 2.0.1-7 2.0.1-7 Description: XML parsing C library - runtime library This package contains the runtime, shared library of expat, the C library for parsing XML. Expat is a stream-oriented parser in which an application registers handlers for things the parser might find in the XML document (like start tags). Homepage: http://expat.sourceforge.net
I can also read the number of packages that depend on it (directly; indirectly would take some traversal): 292 packages.
libgcrypt‘s information screen says:
i --\ libgcrypt11 1.5.0-3 1.5.0-3 Description: LGPL Crypto library - runtime library libgcrypt contains cryptographic functions. Many important free ciphers, hash algorithms and public key signing algorithms have been implemented: Arcfour, Blowfish, CAST5, DES, AES, Twofish, Serpent, rfc2268 (rc2), SEED, Camellia, CRC, MD4, MD5, RIPE-MD160, SHA-1, SHA-256, SHA-512, Tiger, Whirlpool, DSA, DSA2, ElGamal, RSA, ECC. Homepage: http://directory.fsf.org/project/libgcrypt/
libgcrypt is used for computing hashes and other cryptographic uses. Neat. How many packages directly depend on it? 278 packages.
Oh, for the record we’ll look at the direct dependent count for the other two libraries:
libc6has 16,978 direct dependents
libcurl3-gnutlshas 235 direct dependents
All of the libraries that
clamz uses are well-used by a lot of other packages. That’s a good thing, as it means their code is highly tested and dependable. It also means that the author(s) of
clamz didn’t have to write or maintain any of the code that they depend upon, so that saved them time to work on their own tool.
Now let’s dig a little bit more into
clamz itself. To do this, I am going to grab the source that Debian ships (except for the
non-free packages, all Debian packages have the source code available for reuse by you or anyone). So (as a regular user):
mkdir clamz cd clamz apt-get source clamz
And voila, the source has been downloaded and extracted into
clamz/clamz-0.4 with all the necessaries for building it. Okay, not all. It’s possible that I don’t have the development copies of its dependents installed, in which case I would type (either with
sudo or as a superuser)
apt-get build-dep clamz to tell it I want to have all of the packages that I need to actually build
apt-get source [package] does get the source and extract it in a manner that it’s ready to be built into a package. The Debian package parts happen in the
clamz comes with five
.c source files and one
.h source header file. It also has a
man page file, a
desktop file, a
xml file used for its MIME registration, and its compilation structure (
configure files and
makefile). And, there’s some folder called
.pc which I have no clue about, so let’s look at it.
Ah, I immediately recognize the name
quilt that prefixes several of the files, along with several others including the word
patch. This folder is obviously there to contain patches to the original source and information about those patches. At present it only contains one patch, and the
applied-patches file tells us that it is applied; it’s a patch (
fix-clamz-desktop.patch/) that adds the
desktop file I mentioned, which is used to add the file to the frontend of GNU/Linux systems, so that users can find it in menus or searches.
I think that’s as far as we go, for now anyway. I could explain the structure of the Debian-specific packaging a bit more, but it’s a simple (ie, good) package so there aren’t a lot of details there. The
rules file only contains a command to install the
In other editions of this (if I continue it), I will probably look at source a bit.
If you do use GNU/Linux, and you do download music from Amazon, you should at least consider using
clamz. As seen here, the dependencies are a lot nicer than those of the official tool, and it’s definitely more UNIXy.