Today a quick how-to about repackaging of a Debian package with broken dependencies.

The context

I use a package automatically built from a custom repo who is broken. It uses a mandatory broken dependency libssl1.0.0. This outdated package has been retired from Debian Stretch repositories.

As this custom repository don’t provide package sources, I had to dig into this debian package to edit the control file, where package dependencies are defined.

Let’s go

You can change the dependencies of a deb package like this:

  1. Unpack deb: ar x golden-linux.deb (will create i.e. three files: debian-binary control.tar.gz data.tar.gz)
  2. Unpack control archive: tar xzf control.tar.gz (will create: postinst postrm preinst prerm md5sums control)
  3. Fix dependencies in control (use a text editor)
  4. Repack control.tar.gz: tar --ignore-failed-read -cvzf control.tar.gz {post,pre}{inst,rm} md5sums control
  5. Repack deb: ar rcs newpackage.deb debian-binary control.tar.gz data.tar.gz (order important! See [Note] )

[Note]: dpkg wouldn’t be able to read the metadata of a package quickly if it had to search for where the data section ended!

So, I was able to replace the libssl1.0.0 broken dependency with the libssl1.0.2 one, who is part of Debian stretch.

Thanks to https://serverfault.com/questions/250224/how-do-i-get-apt-get-to-ignore-some-dependencies and my Google search ability who point me to the solution.