Mastering Linux Package Dependencies: Legal and Aggressive Fixes for dpkg and rpm

Legal solutions for dpkg/apt‑get

Typical installation uses sudo apt-get install <package>, which pulls required dependencies automatically. If dependency installation fails, run sudo apt-get -f install to fix broken installs.

When a required library is missing from the repositories, download the .deb manually (e.g., from a mirror) and install it with sudo dpkg -i <file.deb>. You can locate missing packages by searching online ("<package> <version> deb") or by browsing configured apt sources such as:

deb https://mirrors.tuna.tsinghua.edu.cn/ubuntu/ xenial main restricted universe multiverse

The above line defines four directories ( main, restricted, universe, multiverse) that apt‑get scans for packages. If you have the .deb file, you can install it directly with: sudo apt-get install ./<file.deb> Another handy tip is to use apt-get install with a local path, ensuring the package name is prefixed with ./ so apt does not search the remote repository.

Violent (forceful) solutions for dpkg

When standard fixes fail, you can resort to more aggressive methods:

Ignore dependencies : Use dpkg --ignore-depends=<pkg1>,<pkg2> ... or add --force-... options. Example output shows the option syntax.

Strip dependency fields : Extract the .deb with dpkg-deb -R <pkg.deb> ./tmp, edit the control file to remove the Depends line, then rebuild with fakeroot dpkg-deb --build ./tmp newpkg.deb.

Fake installed packages : Edit /var/lib/dpkg/status and add a fabricated entry for the missing package (copy the format of an existing entry, replace Package name, and optionally adjust Version).

Run despite failure : Since dpkg extracts files before dependency checks, you can locate the installed files with dpkg --contents <pkg.deb> or dpkg -S <binary>, then execute the binaries directly (usually under /usr/bin/).

Force unpack : Use dpkg -X <pkg.deb> / to unpack the package tree onto the root filesystem and manually invoke the program.

Patch dpkg source : Clone the dpkg repository ( https://git.dpkg.org/git/dpkg/dpkg.git), modify packages.c – change the dependencies_ok function to always return DEP_CHECK_OK (or 2), recompile, and replace the system dpkg.

rpm equivalents

Most of the above dpkg tricks have analogous (or limited) counterparts for rpm:

Ignore dependencies with rpm --nodeps.

RPM stores package metadata in a binary database, making manual status edits impractical.

RPM checks dependencies before extracting files, so the "run despite failure" technique does not apply.

Unpacking and repackaging an rpm is possible but far more cumbersome due to the .spec file format and lack of straightforward extraction tools.

Modifying rpm source to bypass dependency checks is theoretically possible but far more complex and was not achieved in practice.

In practice, the most reliable cross‑distribution approach is to use the standard package manager (apt‑get/yum) when possible, or to manually download and install the needed .deb/.rpm files, accepting the inherent risks of forced installations.