Ubuntu OS (Operating System) is a distribution of Linux OS and is a derivative of Debian OS which is another distribution of Linux OS
A lot of people use Ubuntu for their Linux Servers and even as their Desktop machine OS. I personally use Ubuntu a lot when working with Linux VMs, for playing around with things. It's free, and it has the most basic things. It's also the one distribution that I have used a lot of. While many hard core linux nerds might talk about other light weight and fast Linux distributions and fancy ones too, like Arch Linux etc, I personally like Ubuntu
In Ubuntu, a popular way to install software is by using `apt` (previously `apt-get`). `apt` is a package manager for Debian and it's derivatives like Ubuntu. `apt` is short for Advanced Package Tool (APT)
`apt` has CLI (Command Line Interface) interface - basically it's a command line tool, not some fancy GUI (Graphical User Interface) program with windows, buttons etc
When you do `apt install -y python3`, it installs Python v3.x.y for you
When you do `apt update` it updates the local repository index from the repository sources that are configured in the system. Usually these are present in `/etc/apt/sources.list` file and also inside a directory `/etc/apt/sources.list.d/`. For example, I'm using a Linux VM which has Ubuntu 26.04 LTS. I can see that there's a source list file in `/etc/apt/sources.list.d/` - `/etc/apt/sources.list.d/ubuntu.sources`, which reads like this
```bash
$ cat /etc/apt/sources.list.d/ubuntu.sources
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
## Ubuntu distribution repository
##
## The following settings can be adjusted to configure which packages to use from Ubuntu.
## Mirror your choices (except for URIs and Suites) in the security section below to
## ensure timely security updates.
##
## Types: Append deb-src to enable the fetching of source package.
## URIs: A URL to the repository (you may add multiple URLs)
## Suites: The following additional suites can be configured
## <name>-updates - Major bug fix updates produced after the final release of the
## distribution.
## <name>-backports - software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
## Components: Aside from main, the following components can be added to the list
## restricted - Software that may not be under a free license, or protected by patents.
## universe - Community maintained packages. Software in this repository receives maintenance
## from volunteers in the Ubuntu community, or a 10 year security maintenance
## commitment from Canonical when an Ubuntu Pro subscription is attached.
## multiverse - Community maintained of restricted. Software from this repository is
## ENTIRELY UNSUPPORTED by the Ubuntu team, and may not be under a free
## licence. Please satisfy yourself as to your rights to use the software.
## Also, please note that software in multiverse WILL NOT receive any
## review or updates from the Ubuntu security team.
##
## See the sources.list(5) manual page for further settings.
Types: deb
URIs: http://archive.ubuntu.com/ubuntu/
Suites: resolute resolute-updates resolute-backports
Components: main universe restricted multiverse
Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
## Ubuntu security updates. Aside from URIs and Suites,
## this should mirror your choices in the previous section.
Types: deb
URIs: http://security.ubuntu.com/ubuntu/
Suites: resolute-security
Components: main universe restricted multiverse
Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg
```
So, how does `apt install python3` really work? It works by looking at the packages available in the local repository index - which is obtained from official sources and any other extra third party sources - that the user trusted and added to the list of sources. For example, I have added ClickHouse package repository as a source, like this -
```bash
$ cat /etc/apt/sources.list.d/clickhouse.list
deb [signed-by=/usr/share/keyrings/clickhouse-keyring.gpg] https://packages.clickhouse.com/deb lts main
```
For the above to work, I did the following in order
```bash
# Get necessary packages
$ sudo apt-get install -y apt-transport-https ca-certificates curl gnupg
# Get ClickHouse Keyring - for the channel you want. For example, the below is for LTS channel, there's another channel named as Stable channel
$ curl -fsSL 'https://packages.clickhouse.com/rpm/lts/repodata/repomd.xml.key' | sudo gpg --dearmor -o /usr/share/keyrings/clickhouse-keyring.gpg
# Finally create a sources list file with the keyring and the ClickHouse package repository URL
$ echo "deb [signed-by=/usr/share/keyrings/clickhouse-keyring.gpg] https://packages.clickhouse.com/deb lts main" | sudo tee /etc/apt/sources.list.d/clickhouse.list
```
So, after checking the local repository index, it gets the package information from there. You can find this information yourself too and do the search yourself too. For example, like this -
```bash
$ apt search python3
$ apt info python3
```
Once it has the information from the local repository index about the package, it uses that information to download the package and install it. When I say package - it's the software - packaged software, which can be installed with any extra things that's provided with the package - say install scripts etc
In the case of Debian Linux Distributions like Ubuntu, the packages are called Debian Packages
Now, how do you see what's a Debian Package you ask? Well, you can just download the package file and see it yourself
```bash
$ apt download python3
```
You will see something like `python3_3.14.3-0ubuntu2_amd64.deb` downloaded in your local machine in the directory that you ran the above command in. Once it's downloaded, you can inspect this file in various ways. One way is to use `dpkg` and related tools like `dpkg-deb` etc. Another way is to use `ar` tool. The Debian package that you have downloaded is file with `.deb` extension - to indicate that it's a Debian package file. `.deb` Debian package files are basically `ar` archives. `ar` is an archive utility similar to `tar`, `zip`, `gzip` etc
To see the contents of the `.deb` archive file which is an `ar` archive file, do something like this -
```bash
$ ar tv python3_3.14.3-0ubuntu2_amd64.deb
```
> Note: Before using `ar`, you will need `ar`. You will need to install `ar` using something like `sudo apt install binutils`. `binutils` package has `ar` as part of it
Output will look like this -
```bash
$ ar tv python3_3.14.3-0ubuntu2_amd64.deb
rw-r--r-- 0/0 4 Mar 21 09:46 2026 debian-binary
rw-r--r-- 0/0 1770 Mar 21 09:46 2026 control.tar.zst
rw-r--r-- 0/0 20976 Mar 21 09:46 2026 data.tar.zst
```
You can see that `.deb` files are not magic and that they are just compressed (or archived) files, using `ar` tool
You can also extract the `.deb` files using `ar`, like this
```bash
ar xv python3_3.14.3-0ubuntu2_amd64.deb
```
The output will look like this
```bash
$ ar xv python3_3.14.3-0ubuntu2_amd64.deb
x - debian-binary
x - control.tar.zst
x - data.tar.zst
```
Now, you can check these files
> Note: Before using `zstd` as part of `tar`, you will need `zstd`. You will need to install `zstd` using something like `sudo apt install zstd`.
You can use `tar` and internally `zstd` to see the contents of these `.zst` files
```bash
$ tar tf control.tar.zst
```
The output will look like this
```bash
$ tar tf control.tar.zst
./
./control
./md5sums
./postinst
./postrm
./preinst
./prerm
```
And
```bash
$ tar tf data.tar.zst
```
The output will look something like this
```bash
$ tar tf data.tar.zst
./
./usr/
./usr/bin/
./usr/lib/
./usr/lib/valgrind/
./usr/lib/valgrind/python3.supp
./usr/share/
./usr/share/doc/
./usr/share/doc/python3/
./usr/share/doc/python3/copyright
./usr/share/doc/python3/python-policy.txt.gz
./usr/share/doc/python3.14/
./usr/share/doc-base/
./usr/share/doc-base/python3.python-policy
./usr/share/lintian/
./usr/share/lintian/overrides/
./usr/share/lintian/overrides/python3
./usr/share/man/
./usr/share/man/man1/
./usr/share/pixmaps/
./usr/share/python3/
./usr/share/python3/python.mk
./usr/share/python3/runtime.d/
./usr/share/python3/runtime.d/public_modules.rtinstall
./usr/share/python3/runtime.d/public_modules.rtremove
./usr/bin/pdb3
./usr/bin/pydoc3
./usr/bin/pygettext3
./usr/share/doc/python3/README.Debian
./usr/share/doc/python3/changelog.Debian.gz
./usr/share/doc/python3.14/python-policy.txt.gz
./usr/share/man/man1/pdb3.1.gz
./usr/share/man/man1/pydoc3.1.gz
./usr/share/man/man1/pygettext3.1.gz
./usr/share/pixmaps/python3.xpm
```
> Note: You can also use `tar tvf data.tar.zst`
To extract the files, just use this
```bash
$ tar xvf data.tar.zst
```
You will notice that the `debian-binary` is just a plain text file -
```bash
$ file debian-binary
$ cat debian-binary
```
The output will look something like this
```bash
$ file debian-binary
debian-binary: ASCII text
$ cat debian-binary
2.0
```
The `data.tar.zst` is the set of files that will get "installed" - that is, get put into the right places, like `/usr`, `/usr/bin/`, `/usr/share/`
The `control.tar.zst` is the set of files which contains package metadata, post install script (postinst), pre install script (preinst), etc.
I ended up learning all this when I was checking how to find the different configurations that I can provide during installation of ClickHouse Server package (`clickhouse-server`), since I wanted to install it in a machine automatically with no human intervention but when I ran `apt install -y clickhouse-server`, it installed ClickHouse Server but also started setting it up and asked default user's password for the default ClickHouse DB user - and this was an interactive input. So, on digging I found that it's part of post install script and it can be bypassed by using an environment variable. An AI told this to me (ChatGPT!). But then, I wanted to know what all such environment variables are there that I can set and use to control the installation, and that's when I learned all this Debian Package stuff :)