I'm researching how to supply some software as a Debian package. I intend to act as a third party supplier, and forgo adding the sources to Debian through a sponsor. Users must add the appropriate entry to their sources.list
.
According to the Debian docs on Debian Repository | Use Third Party:
Keys updates SHOULD be distributed by a Debian package called
deriv-archive-keyring
. This package MUST distribute the key in binary form in the aforementioned location ... and MAY also include the/etc/apt/sources.list.d/deriv.sources
or/etc/apt/sources.list.d/deriv.list
files and the/etc/apt/preferences.d/deriv.pref
file
It seems to me if two different third party packages are used, then a name collision will occur and one third party package will overwrite the other third party package. For example, if a user already added one third party repo, then my deriv-archive-keyring
will overwrite the earlier deriv-archive-keyring
.
How does Debian avoid one package overwriting another package?